security

Create strong passwords in Windows

Learn how to create strong and unique passwords in Windows using PowerShell, because the use of those is important. Whereas creating a secure password was difficult in Windows, you nowadays have the tools at hand to do this properly. Unique passwords keeps you safe(r) online and all those unique passwords are easily and securely stored in a password manager.

Published on Friday, 29 March 2024

Calculate SHA-256 checksums in PowerShell

Learn how to calculate and create file checksums with PowerShell's Get-FileHash and certutil.exe. Use this to validate file integrity in Windows (Windows Server).

Published on Tuesday, 10 October 2023

Send email with PowerShell

Easily send your DevOps reporting by email with this PowerShell function, because the Send-MailMessage cmdlet is obsolete. Of course you'll be using StartTLS and authenticated SMTP as additional security.

Published on Tuesday, 14 March 2023

Are you in my blocklist?

With just a few manual steps, you create your own little blocklist for WordPress in either a `.htaccess` or `web.config` file. Here are the IP addresses I'm currently blocking. Note, this list can get long (loooonnggg).

Published on Sunday, 12 February 2023

YubiKey support in OpenSSH for Windows 11 and Windows 10

Now Win32-OpenSSH has decent support for FIDO/U2F hardware authenticators you can finally use your YubiKey for SSH authentication in Windows 11, jeej! Here is how.

Published on Sunday, 14 August 2022

Quickly check EnableTrailerSupport isn't set in your network for http.sys (CVE-2022-21907)

Find out fast if your IIS webservers have EnableTrailerSupport enabled for https.sys in the registry

Published on Friday, 14 January 2022

What are 4 important security measures for Windows Server & IIS 10?

In this post I address four (4) important actionable security measures for your servers running Windows Server (AD DS, DFS, IIS) and RDP.

Published on Monday, 15 May 2017

Check WordPress Core files integrity

Check WordPress integrity and verify WordPress Core files' md5 checksums against WordPress' checksums API, using this standalone PHP file. I chose to use a standalone PHP script to check the md5sum of WordPress Core files against the API so you're not dependent on a possibly hacked WordPress installation. This kind of guarantees the result can be trusted, as opposed to using a WordPress plugin. I think this is a better integrity check of WordPress Core files.

Read more...

Published on Friday, 16 December 2016

Binary webshell through OPcache in PHP 7

GoSecure wrote up a new PHP exploitation technique using the default OPcache engine from PHP 7. Using this attack vector, it's possible to bypass certain hardening techniques that disallow the file write access in the web directory. This could be used by an attacker to execute his own malicious code in a hardened environment.

Read more...

Published on Thursday, 28 April 2016

"System.Web.HttpException (0x80004005): The URL-encoded form data is not valid." error after MS11-100

After applying MS11-100, an out-of-band security update for ASP.NET to mitigate an ASP.NET Denial of Service vulnerability, you may experience the errors comming from .NET web applications

Published on Tuesday, 3 January 2012

windows-server (113) iis (80) powershell (77) php (55) wordpress (47) mysql (36) windows (34) performance (28) linux (23) web.config (23) Website (22) htaccess (20) aspnet (19) url-rewrite-module (19) sql-server (18) bash (18) optimization (18) ssl (17) gnu-linux (13) plugin (13) windows-10 (12) devops (11) monitoring (11) security (10) appcmd (10) wsl (9) smtp (9) wincache (9) wmi (8) zabbix (8) windows-update (8) opcache (8) openssh (7) database (7) dism (7) iis-60 (7) sysops (6) wsus (6) apache (6) hyper-v (6) virtualization (6) spam (6) functions-php (6) classic-asp (6) ddos (6) password (5) email (5) active-directory (5) umbraco (5) joomla (5) command-line (5) application-pool (5) blacklist (5) t-sql (4) wql (4) https (4) group-policy (4) backup (4) connector-net (4) debug (4) logparser (4) network-adapter (4) dns (4) query_cache (4) ghost (4) iisnode (4) node-js (4) vbscript (3) windows-firewall (3) brute-force (3) ftp (3) postfix (3) forensics (3) benchmark (3) xss (3) disk-cleanup (3) disk-space (3) sql-injection (3) openssl (2) net-core (2) visual-studio (2) windows-defender (2) rdp (2) connector-odbc (2) c (2) mysqldump (2) xml-rpc (2) smb (2) cross-site-scripting (2) innodb (2) httpbl (2) centos (2) magento (2) denial-of-service (2) deployment (2) windows-deployment-services (2) mysqli (2) open-xchange (2) waf (2) web-application-firewall (2) code-base (1) windows-11 (1) ipv6 (1) networking (1) sqlce (1) tinymce (1) Prianha-CMS (1) kvm (1) http-3 (1) quic (1) wmsvc (1) database-mirroring (1) service-principal-names (1) spn (1) jetpack (1) api (1) kms (1) red-hat (1) varnish-cache (1) elasticsearch (1) dhcp (1) jquery (1)