Entra ID – Deep Dive – The Basics – Part 1 | Journey Of The Geek

Utilizing Rclone to easily access Cloudflare R2 Bucket | Austin Noll | Notion

How to Install Apache Guacamole on Ubuntu 24.04 - kifarunix.com

Install Edge browser via Powershell | Some Notes on the Machines

How Much Does SOC 2 Certification Cost? [2024 Prices]

rclone 配合 cloudflare r2 备份站点

SRC漏洞思路分享：通过 OneForAll 挖掘子域，发现与修复云存储“列桶/暴露”风险

Installing OpenVAS on Kali Linux. OpenVAS, an endpoint scanning… | by Hassen Hannachi | Medium

中国区空全局注册方法与订阅完整指南，同时也支持海外区 - 如有乐享

Utilizing Rclone to easily access Cloudflare R2 Bucket | Austin Noll

How to Play H.264 Files in VLC: Step-by-Step Guide with Videos - Reolink Blog

Building A Secure And Scalable Azure Landing Zone: Best Practices And Insights - Royal On Tech

Hands-On Lab: Penetration Testing with OWASP ZAP | by Lexus Collins | Medium

⭐[教程] 通过CloudFlare+SaaS回源优选IP使国内用户高速访问网站 - Dooo.ng 个人博客

通过CloudFlare SaaS搭建网站 – ACAEO

Office/WPS接入DeepSeek-R1等多种大模型，开启办公新模式！ - 纪元A梦 - 博客园

Azure spot 虚拟机自启 | Saika's Blog

IDM-中文免激活绿色版-牛麦子

hmhm2022/Card-Tab: ✨一个部署在CF的轻量化导航页面，可移动卡片式书签，方便管理

如何不透過 Microsoft Store 安裝 Microsoft Store 的應用程式 | 毛哥EM資訊密技

Wordpress邮件通知解决方案-免费的SMTP发信插件和邮件服务 - 挖站否-挖掘建站的乐趣

chfs (CuteHttpFileServer) - 将文件夹变成网盘网页！免费绿色 HTTP 文件共享工具 | 铁牛

11 search engines for cybersecurity research you can use right now - Help Net Security

绕过付费墙解锁各种付费会员内容的工具

6 IT risk assessment frameworks compared | CSO Online

6 Types of Applications Security Testing You Must Know About

甲骨文ARM服务器安装Windows - 编程随想

How attackers evade your EDR/XDR system — and what you can do about it | CSO Online

How to configure BGP over IPSEC VPN Fortigate CLI. - Secnetlinux

自建企业级邮件服务器、域名邮箱！iRedMail 企业级邮件系统搭建、配置、优化教程！ – V2RaySSR综合网

How to run a packet capture on a Fortigate (CLI) - Secnetlinux

同时使用国内CDN和Cloudflare - 夏日冰菓

How to configure a SSL-VPN with certificate authentication on a Fortigate

Checklist for Fortigate admin access over SSL-VPN

NESSUS 10.6.4在Windows11安装破解全指导+避坑指南-CSDN博客

How to configure an Automation Stitch (email alert) for CPU threshold on a Fortigate. - Secnetlinux

【远程控制】GotoHTTP 无视杀软实现远控 - 极核GetShell

4 tabletop exercises every security team should run | CSO Online

Build a Command-Line App with Python in 7 Easy Steps - KDnuggets

Containerize Python Apps with Docker in 5 Easy Steps - KDnuggets

ired.team 红队笔记 渗透测试备忘单 

Incident-Response-Powershell 应急响应脚本

Cloudfalre Access应用问题一二 » 老E的博客

Azure Application registrations, Enterprise Apps, and managed identities - adatum

bin456789/reinstall: 一键重装 / 一键 dd / One-click Reinstall OS

RedteaGO - 最划算的大陆漫游 eSim 流量卡，原生境外 IP，注册就送 3 刀。 - 思有云 - IOIOX

SOC2 – Index

Nessus 特别版+2024插件 10.6.4 For Linux【适用于Debian & Ubuntu系统】

ChatGPTNextWeb/ChatGPT-Next-Web: A cross-platform ChatGPT/Gemini UI (Web / PWA / Linux / Win / MacOS). 一键拥有你自己的跨平台 ChatGPT/Gemini 应用。

AC-Hunter™ Community Edition - Active Countermeasures

11款轻量、简洁、可用于内网穿透的免费隧道工具与平台 » 老E的博客

Use Azure Automation and PowerShell to Create a Daily Microsoft Entra Risk Report | Practical365

10 cybersecurity frameworks you need to know about - Help Net Security

PNETLab : Lab is Simple

How to Run Program without Admin Privileges and Bypass UAC Prompt | Windows OS Hub

Astra Pro主题超详细手把手设置图文教程 - 虾皮路

目标web网站信息收集内容及一些工具

容器安全之镜像扫描 - 自由早晚乱余生 - 博客园

服务器入侵之找出隐藏字符的原理 - 自由早晚乱余生 - 博客园

5 Best Open Source SIEM Tools | Mezmo

一次被入侵和删除木马程序的经历-阿里云开发者社区

一次服务器被入侵的处理过程分享 - 自由早晚乱余生 - 博客园

Create and host a tunnel - Microsoft dev tunnels | Microsoft Learn

Automated Alerts on Azure (Entra ID) Application Secret Expirations - The Lazy Administrator

微软免费开发隧道(内网穿透)，支持Linux/Windows/macOS - 如有乐享

Build DMZ in Azure Cloud | Blog by Raihan Al-Beruni

Best practices for network security - Microsoft Azure | Microsoft Learn

Greenbone Community Containers 22.4 - Greenbone Community Documentation

How To Setup A L2TP/SSTP Client Access RRaS Server In Azure ~ Bauer-Power Media

Let's Configure Azure Site-to-Site VPN with RRAS in Azure Resource Manager! | Microsoft Learn

4 budget-savvy strategies for building an effective purple team | CSO Online

TheMediocreCoder/Sync-CyberArk-Password-Azure-KeyVault-Secret: Push / Update CyberArk Passwords to Azure Key Vault

Guidelines for secure AI system development - NCSC.GOV.UK

Incident Response Plan: Frameworks and Steps - CrowdStrike

redcanaryco/invoke-atomicredteam: Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder] of Red Canary's Atomic Red Team project.

Quickstart · Wazuh :The Open Source Security Platform Unified XDR and SIEM

Cross-Sector Cybersecurity Performance Goals | CISA

巧用谷歌云，免费创建4核16G固定IP的RDP桌面 - 考拉kk-考拉kk

6 Steps to Accelerate Cybersecurity Incident Response

[新服务]fly.io使用部署next-terminal+ 宝塔远程mysql – 1024.ee

Zero Trust vs Defense in Depth: Which is right for your org? - One Identity - Blogs - One Identity Community

在 PaaS 平台持久化地部署您的 Ghost 博客 - 独立世界

XRDP: Linux RDP server with Active Directory integration – 4sysops

OpenVAS docker container setup (Working 2022, all NVTs) | by dh0ck | System Weakness

使用Docker构建PyCharm开发环境_pycharm create a new docker target-CSDN博客

自建 Gotosocial | 一个 ActivityPub 联邦社交网络程序 - 独立世界

Azure Well-Architected Framework - Microsoft Azure Well-Architected Framework | Microsoft Learn

A zero trust approach to security architecture - ITSM.10.008 - Canadian Centre for Cyber Security

How I use the MITRE D3FEND Matrix to defend against ATT&CK(s) | by Lennart Erikson | Sep, 2023 | Medium

Create security baselines - Training | Microsoft Lea

Downloads | Steampipe

Try out SonarQube

How to automate opening and login to websites with Python | by Hristina Gulabovska | Medium

Moving to a Zero Trust Security Model - SentinelOne

【好玩儿的 Docker 项目】80、90 回忆杀，10 分钟搭建复古中文 DOS 游戏，最多畅玩 1898 款！ | 我不是咕咕鸽

分享一下自己在 VPS/NAS/ 本地电脑上是怎么备份数据的 | 我不是咕咕鸽

【好玩儿的 Docker 项目】10 分钟搭建一个高颜值的在线工具箱，用户体验很棒！ | 我不是咕咕鸽

【好玩儿的 Docker 项目】10 分钟搭建一个简单图床 ——Easyimage | 我不是咕咕鸽

DCToolbox – An Easy Approach to Deploy Conditional Access Policies

Raven: Open-source CI/CD pipeline security scanner - Help Net Security

The post introduces a deep‑dive series on Microsoft Entra ID, explaining its core functions as an identity store and authentication service that support protocols like OAuth, OIDC, SAML, Kerberos, and LDAP. It clarifies the distinction between application objects (app registrations) and service principals, describes how tenants and cross‑tenant access work, and outlines basic concepts such as human vs. non‑human identities, application registration, and service principal usage. The author previews upcoming tutorials that will demonstrate practical implementations of Entra ID flows—including OIDC login, client‑credentials, and on‑behalf‑of scenarios—using simple Flask and FastAPI examples to illustrate authentication, token handling, and integration with Microsoft Graph and Azure storage.

Rclone enables easy management of Cloudflare R2 buckets by downloading the tool (and optionally RcloneBrowser), configuring it according to Cloudflare’s guide, and then mounting the bucket as a drive in File Explorer for seamless file access and organization.

A guide for installing Apache Guacamole on Ubuntu 24.04, covering required dependencies, building and installing guacamole‑server, setting up Tomcat 9, configuring Guacamole client and properties, creating user mappings, and accessing the web interface.

summary: This PowerShell script installs Microsoft Edge on AMD64 Windows by setting TLS protocols, creating a temporary directory, downloading the Edge Enterprise MSI from a Microsoft link, and silently running the installer; the script notes a newer, more durable download URL and references additional platform support.

SOC 2 certification costs vary widely, with total expenses ranging from tens to hundreds of thousands of dollars depending on company size, audit type (Type I or II), and preparation steps such as pre‑assessment, software, penetration testing, and training; SMBs under 50 employees typically face around $91 K, while those with 50‑250 employees may see costs near $186 K, and the process can take several months to a year, involving extensive documentation, audits, and potential gap remediation.

本文介绍了使用 rclone 配合 Cloudflare R2 进行站点备份的完整步骤，包括安装 pigz 与 rclone、配置 R2（编辑 rclone.conf 并设置 access_key、secret_key、endpoint），以及下载并编辑备份脚本和配置文件。提供了手动备份、通过 crontab 设置每日凌晨 2 点自动备份并在成功后删除本地文件的示例，还列举了常用的 rclone 命令用于复制、同步、列出和删除文件，帮助实现本地目录与 R2 存储桶之间的高效备份与恢复。

OneForAll 是一款用于子域收集的开源工具，能帮助安全团队发现未管理的外部资产并进行风险评估。文章介绍了其安装和使用方法，并强调在合规和授权的前提下进行安全评估与修复建议，避免提供未授权入侵的细节。同时，提醒用户在进行渗透测试时需获得明确授权，并优先使用专业安全工具。

OpenVAS is an endpoint scanning tool used to identify vulnerabilities in systems. To install it on Kali Linux, ensure the system is updated, then install OpenVAS using specific commands. The setup process involves downloading vulnerability definitions and creating an admin account. Users can verify the installation and manage scanning tasks through a web interface. The guide also covers configuring scan targets, adjusting scan settings, and managing user credentials, emphasizing the importance of effective vulnerability scanning in today's increasingly connected environments.

本文详细介绍了如何注册中国区的空全局账户并创建Office 365 E3订阅，强调了注册过程中的关键步骤和注意事项，包括停止在填写信用卡信息时。还提供了多个直接购买订阅的链接和相关信息，提醒用户翻车概率较高，不建议随意尝试。

Rclone is a versatile tool for managing files in cloud storage, compatible with Cloudflare R2. To use it, download Rclone and optionally RcloneBrowser for a GUI experience. Configure the connection by specifying the location of rclone.exe and follow Cloudflare's documentation for setup. Once configured, you can mount the Cloudflare R2 bucket as a drive in File Explorer for easier file management, allowing for seamless access and organization of items within the bucket.

To play H.264 files in VLC, update to the latest version or convert them to MP4. Steps include adjusting VLC settings to use the H.264 video demuxer and troubleshooting tips if playback fails. Additionally, converting H.264 files to MP4 can be done using a codec converter. VLC supports various codecs, making it a versatile media player for different formats.

Azure Landing Zones provide a structured framework for deploying secure and scalable environments in Microsoft Azure, facilitating cloud adoption through best practices in governance, security, and compliance. They offer foundational and enterprise types tailored to organizational needs, emphasizing automation, cost management, and efficient resource allocation. Key design principles include networking, identity management, and governance, ensuring a well-governed cloud environment. Deployment options include using the Azure Portal, Bicep, or Terraform, allowing flexibility and customization to meet specific requirements.

This lab covers penetration testing using OWASP ZAP, including installation, scanning a web application for vulnerabilities, and interpreting the results. Key tasks involve setting up the Java Runtime Environment, installing ZAP, and performing automated scans on a test site designed for learning about security flaws.

本教程详细介绍了如何搭建、配置和优化iRedMail企业级邮件服务器，使用自己的域名作为邮箱后缀。内容包括准备工具、系统设置、iRedMail的安装与配置、DNS记录的设置（如A记录、MX记录、SPF记录、DKIM记录和DMARC记录），以及如何添加用户和测试邮件服务器。通过这些步骤，用户可以创建一个可靠的邮件系统，避免邮件丢失和进入垃圾箱的问题。

本文介绍了如何同时使用国内CDN和Cloudflare以实现网站的加速。通过配置Cloudflare和国内域名供应商的DNS记录，可以确保国内用户通过国内CDN访问，而国外用户则通过Cloudflare加速访问。文中详细描述了每一步的设置过程，并强调了测试响应速度的重要性。

This guide details the steps to configure an SSL VPN with certificate authentication on a Fortigate device, using OPENSSL to generate the necessary CA and certificates. Key steps include generating a root certificate, creating server and client certificate signing requests (CSRs), signing the CSRs, and importing the certificates into the Fortigate. The guide also covers configuring PKI users, SSL-VPN settings, and troubleshooting commands.

The checklist for Fortigate admin access over SSL-VPN includes ensuring trusted hosts are configured, allowing access on the interface, establishing a firewall policy from the SSL-VPN interface to the LAN, and verifying the routing table for proper connectivity. Specific configuration commands are provided for each step to facilitate the setup process.

本文详细介绍了在Windows 11上安装和破解NESSUS 10.6.4的步骤，包括下载安装、获取插件包、破解过程、关闭更新以及避坑指南。强调了在破解过程中需要注意的细节和可能遇到的问题，提供了解决方案和官方链接以供参考。

To configure an Automation Stitch for CPU threshold alerts on a Fortigate, set the CPU usage threshold to 50% and create an Automation Stitch under Security Fabric. Use the GUI to select CPU Usage Statistics as the trigger and specify the email address for alerts. Alternatively, configure it via CLI by setting the SMTP server and email parameters. Test the configuration by generating traffic to exceed the CPU threshold.

本文介绍了如何使用GotoHTTP远程控制软件绕过杀毒软件进行远控，适用于目标机器为Windows的场景。优点包括无需安装控制端、低带宽运行和支持图形界面等，但需管理员权限并可能被某些杀软拦截。提供了详细的使用方法，包括在拥有完全权限或仅有命令行权限的情况下的操作步骤，并强调了成功连接后的注意事项。

Security teams should run tabletop exercises to prepare for ransomware, third-party risks, insider threats, and distributed denial-of-service (DDoS) attacks. These exercises help identify vulnerabilities, improve response strategies, and ensure compliance with regulatory requirements. Key questions for each scenario include data encryption, partner vetting, insider threat detection, and DDoS mitigation plans. Regularly conducting these exercises with relevant stakeholders, including legal and communications teams, enhances overall cybersecurity readiness.

This tutorial guides readers through building a command-line TO-DO list app in Python using the argparse and os modules. It covers creating a project directory, setting up an argument parser, and defining functions to add, list, and remove tasks. The tutorial also includes steps to parse command-line arguments and run the app. It concludes with suggestions for further improvements, such as error handling and adding task priorities. The tutorial emphasizes learning by building and provides a link to the complete code on GitHub.

This post from KDnuggets outlines a five-step process to containerize Python applications using Docker. It covers installing Docker, coding a Python application, creating a Dockerfile, building the Docker image, and running the Docker container. The tutorial uses a command-line TO-DO list app as an example and emphasizes the benefits of Docker for managing dependencies and creating isolated, reproducible environments.

这篇文章是关于渗透测试备忘单和红队笔记的。它包含了各种命令和技术，如检查Powershell日志记录、检查WinEvent日志中的SecureString泄露、审计政策、检查LSASS是否在PPL中运行等。此外，还包括了一些利用技术，如二进制利用、破解ZIP密码、设置简单的HTTP服务器等。文章还提供了一些有用的命令和工具，如MySQL用户定义功能提权、Docker权限提升、重置root密码等。最后，还提供了一些网络工具和技术，如端口转发、SSH隧道、文件传输协议等。

这篇文章介绍了一个名为"Incident-Response-Powershell"的应急响应脚本，可以帮助响应Windows设备上的网络攻击。脚本包括收集Windows事件、安全事件、即插即用设备、本地管理员等信息，并可以将取证文物导出为CSV文件以进行SIEM导入。文章还提供了脚本的下载地址和效果图。

Cloudflare Access是一种企业级Zero Trust产品，提供免费的无限期、无流量限制、50台设备支持的零信任解决方案。本文简要记录了团队域的手动加入、客户端设备控制和身份验证策略等内容。

This post provides information on Azure application registrations, enterprise applications, and managed identities. It explains the purpose of application registrations and the trust relationship established between Microsoft's identity platform and custom applications. It also discusses enterprise applications as the application identity within Azure AD and the relationship between app registrations and enterprise applications. Additionally, the post covers managed identities and their role in assigning identities to Azure resources. The author aims to clarify these concepts in the context of authentication in Azure.

该文档是关于一键重装脚本的介绍。该脚本具有多个功能，包括安装Linux、DD、重启到Alpine救援系统、重启到netboot.xyz和安装Windows ISO。脚本具有多个亮点，如使用官方安装程序、实时获取资源、适配不同规格的服务器、支持多种操作系统和提供多种安装方式。此外，还提供了下载和使用的说明。

RedteaGO是一个提供eSim全球漫游上网的平台，针对中国大陆有长期优惠套餐，每天1GB只需0.49美元，注册时使用邀请码"STIL0009"可获得3美元余额。通过实用测试发现，购买套餐后激活即可使用，网速稳定且足够日常使用，适用于备选方案。

This document provides information about SOC2, including objectives related to privacy, controls per TugboatLogic, types of SOC2 reports, SSAE 18, management insights, additional frameworks, and references. SOC2 focuses on controls and policies related to access control, security operations, risk management, business continuity, organization and management, asset management, information and communications, audit and compliance, data security, SDLC security, and continuous compliance. It is important for service organizations to comply with SOC2 requirements to ensure the security and privacy of data.

这篇文章介绍了Nessus+2024插件的安装步骤。提供了下载脚本和安装方法，并附有插件数量和卸载方法。文章还包含了Nessus的启动和停止命令以及注意事项。请注意，本文仅供参考，请遵守软件许可协议和法律法规。

ChatGPT Next Web is a cross-platform ChatGPT/Gemini UI that allows users to deploy a well-designed ChatGPT web UI with support for GPT3, GPT4, and Gemini Pro models. It offers features such as one-click deployment, compact client for Linux/Windows/MacOS, compatibility with self-deployed LLMs, privacy-first data storage, markdown support, responsive design, and support for multiple languages. The roadmap includes features like system prompts, user prompts, prompt templates, image sharing, desktop app with Tauri, self-hosted models, and plugins. The project provides documentation, FAQs, and instructions for development and deployment.

AC-Hunter™ Community Edition is a free version of AC-Hunter that provides threat hunting functionality with some limitations. It offers the same powerful threat hunting analytics and network insights as the paid Enterprise Edition. Users can choose between an install script or a VMWare virtual image based on their specific use case. AC-Hunter Enterprise and AC-Hunter Community Edition are compared in a chart, and users are also directed to other threat hunting tools.

本文介绍了11款免费、可用于内网穿透的轻量、简洁的隧道工具和平台，包括Loophole、localhost.run、localtunnel、expose、bore、tabserve、staqlab、jprq、zrok、telebit和ssh-j.com。这些工具提供了将本地服务器暴露到公共网络的功能，支持不同的隧道协议和自定义域名。

This article explains how to use Azure Automation and PowerShell to create a daily Microsoft Entra risk report. By automating the process, administrators can monitor risk events, gather data, format it into an HTML report, and send it via email. The report includes information on risk detections, risky users, and risky service principals, providing visibility into identity-based attacks and allowing for timely action. The article provides step-by-step instructions on setting up the Azure Automation account, assigning necessary permissions, installing required Microsoft Graph PowerShell SDK modules, adding the code, reviewing the report, and scheduling the script to run daily.

This article highlights 10 essential cybersecurity frameworks that organizations should be aware of and implement to protect their digital assets. These frameworks include the NIST Cybersecurity Framework, ISO/IEC 27001, CIS Critical Security Controls, COBIT, CSA Cloud Controls Matrix, HITRUST CSF, Katakri, PCI DSS, SOGP, and Secure Controls Framework. Each framework offers a structured and strategic approach to managing cybersecurity risks and enhancing an organization's cybersecurity posture.

To use PNETLab, download the .ova file and deploy it on virtualization platforms like VirtualBox or VMWare. Make sure to enable virtualization in your BIOS. After deployment, register and login to access the PNETLab box through your browser. You can choose between online and offline mode, with offline mode not requiring registration. In the PNETLab box, you can go to the store to download free labs and practice them. The labs come with lab files, workbooks, and instructions on how to use the console.

This article provides various methods to run a program without admin privileges and bypass the UAC prompt in Windows OS. It covers topics such as configuring permissions for non-admin users, allowing standard users to run programs that require admin privileges, bypassing UAC with the RunAsInvoker option in CMD, enabling the RunAsInvoker mode in the EXE file manifest, and creating a shortcut to run a program with a saved administrator password. Each method is explained in detail with step-by-step instructions.

Astra Pro是一款功能齐全、易于使用、具有灵活性的WordPress主题，适用于各种类型的网站。它具有快速加载速度、设计灵活性、广泛的集成、响应式设计和SEO友好等优点。本文提供了关于Astra Pro主题的详细设置图文教程，包括安装、导入预制网站、自定义Header和Footer、配置布局和颜色选项、设置导航菜单、自定义产品页面、自定义首页、关于页面和联系页面、自定义博客页面、制作Mega Menu和将Elementor模板添加到超级菜单等内容。

本文介绍了目标web网站信息收集的两种方法（主动收集和被动收集），以及域名信息收集、网站指纹识别、整站分析、主机扫描、端口扫描、敏感目录和文件扫描、旁站和C段扫描、网站漏洞扫描等内容。提供了一些工具和在线查询网站供参考。

本文介绍了容器镜像扫描的两种工具：docker scan和Trivy。docker scan是docker官方推出的插件，需要登录dockerhub用户才能使用，免费扫描限制为10次/月。Trivy是一个全面且多功能的安全扫描仪，支持多种扫描场景和平台。文章还提到了镜像扫描的几种应用场景，并介绍了ImagePolicyWebhook容器镜像扫描的实现方式。

本文介绍了在服务器入侵过程中发现隐藏字符的原理。通过使用命令如cat -A，可以查看隐藏字符，其中包括转换为\\r的^M字符，它表示回车并可能导致内容覆盖。文章提供了示例和注意事项，并给出了参考文章和作者信息。

This post discusses the 5 best open-source SIEM tools for organizations looking to mitigate cybersecurity risks and detect threats. The featured SIEM solutions include AlienVault OSSIM, MozDef, Wazuh, Prelude OSS, and Sagan, each with its own unique features and advantages. The post emphasizes the importance of finding a SIEM that suits specific needs and offers effective threat detection capabilities.

该文章描述了作者在一次被入侵和删除木马程序的经历。作者首先发现服务器流量异常增高，经过一系列的分析和操作，最终成功清理了木马程序并加强了服务器的安全性。

这篇博客分享了一次服务器被入侵的处理过程和一些启示。处理措施包括删除恶意文件、解锁文件和目录、还原被篡改的命令、清空异常文件内容等。启示包括加强安全组设置、增加密码复杂性、监控关键文件、限制登录IP、关闭外网、检查异常进程和定时任务等。

Learn how to create and host a dev tunnel using Microsoft's devtunnel CLI tool. This article provides step-by-step instructions for installing the CLI on different operating systems, logging in, hosting a dev tunnel, and connecting to it. With dev tunnels, you can securely test and debug web apps and webhooks from anywhere.

This article provides a guide on using Azure to automate alerts for Azure (Entra ID) application secret expirations. It covers creating a new Azure application, assigning permissions, creating an app secret, connecting to the Microsoft Graph API, retrieving application information, handling pagination, getting application secret expiration, converting time to local time zone, dealing with multiple secrets per application, sending alerts via email and Microsoft Teams, and setting up automatic serverless automation using PowerShell runbooks and schedules.

本文介绍了微软免费开发隧道（内网穿透）的使用教程和命令说明。通过该工具，可以在Linux、Windows和macOS上实现内网穿透，并提供了详细的命令示例和高级用法说明。文章还介绍了使用限制和管理开发隧道的方法。

This blog post discusses how to build a DMZ (Demilitarized Zone) in Azure Cloud. It explains the concept of a DMZ, the architecture with two or three layers of security, and workload placement. It also provides examples of address spacing and hybrid network workloads placement. The post concludes with best practices for Azure networking, including segmenting networks, controlling traffic with NSGs, and enforcing user-defined rules.

This document provides best practices for network security in Microsoft Azure. It emphasizes the importance of adopting Zero Trust architectures, implementing conditional access policies, enabling port access only after workflow approval, and granting temporary permissions for privileged tasks. The document also recommends controlling routing behavior, using virtual network appliances, deploying perimeter networks for security zones, avoiding exposure to the internet with dedicated WAN links, optimizing uptime and performance with load balancing, disabling RDP/SSH access to virtual machines, and securing critical Azure service resources with Azure Private Link. Additional information on control routing behavior, virtual network appliances, perimeter networks, WAN links, load balancing, RDP/SSH access, and Azure Private Link is provided. The document concludes with a reference to Azure security best practices and patterns.

This document provides instructions for using Greenbone Community Containers 22.4. It includes steps for starting the vulnerability management, setting up and starting the containers, updating the containers, performing a feed synchronization, accessing the web interface remotely, gaining terminal access to a container, using gvm-tools for CLI access, setting up a mail transport agent, performing a manual feed sync, troubleshooting common issues, and more.

This post explains how to set up a L2TP/SSTP client access RRaS server in Azure. Although RRaS is not officially supported in Azure, it can still be configured by enabling IP forwarding on the VM and adding a routing table to the vnet. The post provides step-by-step instructions on installing the Remote Access role, configuring and enabling RRaS, and setting up NAT for the VPN tunnel. It also mentions the need to assign IP addresses from a static pool and configure SSL certificate and authentication. The post concludes by inviting readers to share their experiences and alternative methods in the comments.

This article provides a step-by-step guide on how to configure an Azure site-to-site VPN with RRAS in Azure Resource Manager. It covers configuring the RRAS server's NICs, installing the RRAS roles and features, setting up and configuring the VPN in Azure, and configuring the RRAS server. The article also includes troubleshooting tips.

Building an effective purple team doesn't require a generous budget. From a one-person operation using open-source tools to a dedicated team with specialized tools, organizations of all sizes can create a collaborative security approach. The article outlines four budget-savvy strategies for building a purple team, including the bootstrap approach with open-source tools, the cost-effective duo with one paid tool, the dedicated team with multiple tools, and the comprehensive force with an extensive toolkit. Each strategy offers different levels of capabilities and resources to enhance security posture and resilience.

This document provides information about the Sync-CyberArk-Password-Azure-KeyVault-Secret plugin, which allows for pushing, updating, and syncing passwords from CyberArk Vault to Azure Key Vault. It includes prerequisites, configuration steps, and instructions for adding Azure Key Vault usage. The document also explains how to add KeyVaultName and SecretName File Categories in Vault Server and create a new service account platform. Additionally, it covers the process of adding Azure Key Vault usage and testing the push/update operation.

These guidelines provide recommendations for secure AI system development, covering secure design, development, deployment, and operation. They emphasize the importance of security throughout the system's life cycle and align with established practices from the NCSC, NIST, and CISA. Key priorities include taking ownership of security outcomes, transparency, accountability, and making secure design a top business priority.

This document discusses incident response frameworks and steps, specifically focusing on the frameworks developed by NIST and SANS. It compares the two frameworks and highlights the importance of preparation in incident response. The document also emphasizes the need for defining the CSIRT, developing and updating a plan, acquiring and maintaining the proper infrastructure and tools, improving skills and supporting training, and possessing up-to-date threat intelligence capabilities. It further explains the steps of detection and analysis, containment, eradication, and recovery, as well as post-incident activities. The document concludes by mentioning CrowdStrike's incident response services and providing information about the author.

Invoke-AtomicRedTeam is a PowerShell module that allows you to execute tests defined in the atomics folder of Red Canary's Atomic Red Team project. It is important to understand the tests before executing them and ensure you have permission to test. It is recommended to set up a test machine similar to your environment and have your collection/EDR solution in place. Complete installation and usage instructions can be found in the Wiki.

Wazuh is an open-source security platform that provides unified XDR and SIEM protection for endpoints and cloud workloads. It consists of a universal agent and three central components: the Wazuh server, indexer, and dashboard. The hardware requirements for a quickstart deployment depend on the number of protected endpoints, and the supported operating systems are 64-bit Linux distributions. The installation process involves running the Wazuh installation assistant and accessing the web interface with the provided credentials. After installation, the next step is to deploy the Wazuh agent to protect various devices and environments.

CISA's Cybersecurity Performance Goals (CPGs) are a set of voluntary practices aimed at reducing risks to critical infrastructure and the American people. These goals serve as a benchmark for measuring and improving cybersecurity maturity, provide recommended practices for IT and OT owners, and align with NIST's Cybersecurity Framework functions.

在谷歌云上创建4核16G固定IP的RDP桌面的方法：登录谷歌云，激活cloud shell，执行指定的代码，然后在网页预览中查看RDP桌面。注意事项包括有效时间、IP位置的不确定性和可用性测试。

This article outlines a six-step framework for accelerating cybersecurity incident response. The steps include preparation, identification, containment, eradication, recovery, and lessons learned. The importance of training, establishing a response strategy, and leveraging technology such as endpoint detection and response (EDR) platforms are highlighted. The article also emphasizes the need for continuous improvement and the role of investigation in the incident response process.

本文介绍了如何使用fly.io部署next-terminal和宝塔远程mysql。文章提供了注册和使用fly.io的步骤，以及自定义域名和一些fly.io的技巧。

Collections

Learning

Thinkings

Technologies

Notes

Sites

菜单slug留空即可，用户展开子菜单

Blog

SubMenu是子菜单，挂在上一个Menu中

ITPROSEC

Navigation

YouTube

Others

Home

About Me

Search

Text

Github

About

Links

Comments

本文介绍了在微软Azure订阅中添加超级协助管理账号的步骤。通过添加协管账号可以降低账号订阅被封的概率，提供超管账号被封或者忘记密码的补救方案，并管理某些服务如OpenAI模型。需要一个有效订阅的Azure和一个被邀请的微软账号。步骤包括访问订阅详情，添加角色分配，选择特权管理角色和所有者，选择成员，设置条件，最后确认邀请并使用被邀请账号登录Azure控制面板。

Cloud

微软Azure订阅如何添加超级协助管理账号 - 如有乐享

Azure

System

Cyber

Tools

Script

Compliance

类型为Notice的文章将被显示为公告，仅 hexo和next支持；仅限一个公告

NetSec

Channels

Communities