AC-Hunter™ Community Edition - Active Countermeasures

AC-Hunter™ Community Edition is a free version of AC-Hunter that provides threat hunting functionality with some limitations. It offers the same powerful threat hunting analytics and network insights as the paid Enterprise Edition. Users can choose between an install script or a VMware virtual image based on their specific use case. AC-Hunter Enterprise and AC-Hunter Community Edition are compared in a chart, and users are also directed to other threat hunting tools.

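11 Lightweight, Simple, Free Tunneling Tools and Platforms for NAT Traversal » 老E的博客

This article introduces 11 free, lightweight, simple tunneling tools and platforms that can be used for NAT traversal: Loophole, localhost.run, localtunnel, expose, bore, tabserve, staqlab, jprq, zrok, telebit and ssh-j.com. These tools expose a local server to the public network and support different tunneling protocols and custom domains.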

Use Azure Automation and PowerShell to Create a Daily Microsoft Entra Risk Report | Practical365

This article explains how to use Azure Automation and PowerShell to create a daily Microsoft Entra risk report. By automating the process, administrators can monitor risk events, gather data, format it into an HTML report, and send it via email. The report includes information on risk detections, risky users, and risky service principals, providing visibility into identity-based attacks and allowing for timely action. The article provides step-by-step instructions on setting up the Azure Automation account, assigning necessary permissions, installing required Microsoft Graph PowerShell SDK modules, adding the code, reviewing the report, and scheduling the script to run daily.

PNETLab : Lab is Simple

To use PNETLab, download the .ova file and deploy it on virtualization platforms like VirtualBox or VMware. Make sure to enable virtualization in your BIOS. After deployment, register and log in to access the PNETLab box through your browser. You can choose between online and offline mode, with offline mode not requiring registration. In the PNETLab box, you can go to the store to download free labs and practice them. The labs come with lab files, workbooks, and instructions on how to use the console.

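Sharing How a Server Intrusion Was Handled - 自由早晚乱余生 - 博客园

This blog post shares how a server intrusion was handled and some lessons learned from it. The response measures included deleting malicious files, unlocking files and directories, restoring tampered commands, and clearing the contents of abnormal files. The lessons include tightening security group settings, increasing password complexity, monitoring critical files, restricting login IPs, closing off external network access, and checking for abnormal processes and scheduled tasks.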