In this post, I am going to show you an easy way to execute Penertration testing in your network for free in 30 days. Just using one command auto-generated from https://www.horizon3.ai/ ‘s Nodezero platform, you will be able to execute a professional pen testing to reveal some proven attack paths in your network, and find […]

This post summzrize some notes and steps to upgrade the Privilege Cloud Connector and the components for versions 12.7 and later. Note: Upgrading the CPM and PSM components requires downtime (typically a few minutes). We recommend performing the upgrade at a time that will have the least impact on your operations. Diagram https://docs.cyberark.com/PrivCloud/Latest/en/Content/Privilege%20Cloud/PrivCloud-upgrade-connector-12.7-later.htm?tocpath=Setup%7CUpgrade%20Privilege%20Cloud%20connectors%7CUpgrade%20the%20Privilege%20Cloud%20Connector%7C_____1   Check .Net, […]

CyberArk Vendor Privileged Access Manager (Vendor PAM) is an integrated SaaS solution that enables fast and secure privileged access for vendors, consultants, maintenance personnel and other authorized external 3rd parties. With Vendor PAM, organizations can implement Zero Trust-based just-in-time access, biometric MFA, and privileged credential and session management without the need for VPN clients, passwords, […]

Google Gemini is the name of a new AI model developed by Google DeepMind. It is built from the ground up for multimodality, meaning it can reason seamlessly across text, images, video, audio, and code. Gemini is the first model to outperform human experts on Massive Multitask Language Understanding (MMLU), one of the most popular […]

CyberArk plugins and Connection Components use web drivers to connect to web-based targets. For the connection to succeed, the driver and browser versions must be the same.This applies to both Chrome and Edge drivers. Browser Download info Google Chrome (32-bit), version 100 or later Click here to download this version Microsoft Edge (32-bit), version 103 or later […]

This post shows how you can get a free dns domain from cloudns.net and a google site as your website. And it also presents the steps how to integrate them together which make your Google Site to use custom domain you got from cloudns.net.    Sign Up An Account FREE DNS FEATURES – https://www.cloudns.net/ Free Forever […]

This post is to show you how to create a your own free public available website for Azure Naming Tool Github project using Koyeb’s free service.  It is simple, easy, fast and completely free. No credit card required.    Azure Naming Tool  The Azure Naming Tool was created to help administrators define and manage their […]

The purpose of the CyberArk Dashboard entry is to provide Remote Desktop Manager users with an interface that eliminates the need to use Password Vault Web Access (PVWA) to see the list of safes and credentials that the currently logged on user has access to. Combined with password-less scenarios and/or our rich role-based access control (RBAC), this […]

The agent sends up an upload of the baseline snapshot to the cloud agent platform for assessment. For the initial upload the agent collects comprehensive metadata about the target host (a few megabytes) and sends a baseline snapshot to the cloud for assessment. The status Scan Complete is reported upon success. This first scan typically […]

This post is to summarize the steps how to configure a remote connection manager tool to integrate with CyberArk PSM. In this way, you can directly RDP into target server through PSM, without logging into PVWA. Basically, this post gives you a way to launch transparent connections to target systems using a standard RDP client application. […]

There are lots of Chinese DOS games in 1980s – 1990s. The Github page (https://github.com/rwv/chinese-dos-games)  collected them and created a docker image to simplify the steps to bring them up into a website. You even can create your own website with just a couple of simple commands.  In this post, I am going to go […]

The CPM is installed on a Windows system as an automatic system service called CyberArk Password Manager.  It can be stopped and started through the standard Windows service management tools. Stop the CyberArk Password Manager Service From the Start menu, select Settings, then Control Panel. From the list of Control Panel options, select Administrative Tools, then Services; the Services window appears. […]

KnowBe4 PhishER uses rules with Yet Another Recursive/Ridiculous Acronym (YARA) logic to disposition and tag the messages that are forwarded to your PhishER Inbox. YARA is a tool used to identify and classify malware samples. You can write custom rules using YARA logic. For general information about creating rules in PhishER, see our How to Create and Manage PhishER Rules article.  All PhishER […]

In my home lab virtual environment, VMware ESXi and Workstation used to host most of my testing virtual machines. To get those VMs working together in a multi networks diagram, I always need to have a router or firewall VM. I were using all kinds of virtual routers or firwealls, such as those major vendors, […]

Azure Service guides are intended to help you in decision-making for individual Azure components within a workload. Each guide highlights the core features and capabilities essential for achieving a state of excellence. They are not configuration guides or exhaustive lists of all features and capabilities, but rather emphasize the usefulness of features from the perspective […]

The Azure Well-Architected Framework (WAF) is a set of quality-driven tenets, architectural decision points, and review tools intended to help solution architects build a technical foundation for their workloads. The framework is founded on the five pillars of architectural excellence, which are mapped to those goals. They are: Reliability, Security, Cost Optimization, Operational Excellence, and Performance Efficiency.   Diagram Pillars […]

This post is just to show some basic Upgrade steps and screenshots for my references. Just fyi, this is only for lab testing, and it is not exactly same as CyberArk Doc suggested. For regular formal production upgrading process, please strictly follow the guide from CyberArk engineer or document guide. 13.2 Upgrade : https://docs.cyberark.com/PAS/13.2/en/Content/PAS%20INST/Upgrading-the-Privileged-Account-Security-Solution.htm?tocpath=Installation%7CUpgrade%7C_____0 The upgrade […]

In the modern digital age, protecting sensitive data is a paramount responsibility for employees at all levels of an organization.  With the increasing sophistication of cyber threats and the complex landscape of data privacy regulations, it’s crucial for employees to understand their roles in safeguarding information.  Photo by Max Bender on Unsplash This understanding not […]

Steampipe is an open source CLI to instantly query cloud APIs using SQL. Steampipe Mods are collections of named queries, codified controls that can be used to test current configuration of your cloud resources against a desired configuration, and dashboards that organize and display key pieces of information. CIS Azure Benchmarks provide a predefined set of compliance and security best-practice checks for Microsoft […]