The System Informer tool replaces Process Hacker. It's very similar to Process Explorer, but open source. I've replaced these other tools in my SANS course labs (SEC505) with System Informer. I highly recommend it; it's a fun way to spend the day: https://www.systeminformer.com

#SystemInformer #Windows #DFIR #Forensics #InfoSec #PowerShell #SEC505 #SANS

System Informer

System Informer: a free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.

Wow, Microsoft has started over AGAIN with a fundamentally new design for DSC. It's not really even PowerShell DSC anymore, it's more the "concept" of DSC (a quote from the video). In two years, will Microsoft rewrite it again?

https://www.youtube.com/watch?v=QsyyN6ejNA4

#SEC505 #PowerShell #DSC #PSDSC #Ansible

DSC Community Call - April 2023

Find the source of AD account lockouts

In a previous post, we discussed how to quickly unlock AD accounts with PowerShell. However, the main problem admins tend to face is identifying the source computer or service that is causing the account to lock out in the first place.

4sysops