CVE-2019-18935 – Using Powershell to review IIS and Windows Logs (Searching for IoC)

This article can be considered more of a cyber-security article than a software development one, given its content and some of the vocabulary it uses, but don’t be scared. I wanted to keep it very practical and to give you a simple example of the type of tools anyone can build or use in certain scenarios, such as in CyberSec and Incident Response.

Base64 Encoding with Powershell and .NET Framework

Today I answered a question on one of my blog articles about the SendGrid API and PowerShell, on how to add attachments to an email when using the API.
The official documentation is pretty clear: if you want to pass a text or binary file as an attachment, the SendGrid API requires a couple of strings, filename and content in base64. But in case anybody hits a roadblock here, this article may help you.

Monitoring the Network Load with Powershell

Monitoring is an important activity in IT operations. It’s essential for correlating the state of all the moving parts of our systems and applications and for creating a big picture of the health of the whole environment. Before going down the rabbit hole of complicated monitoring tools and techniques, let’s start by defining that monitoring can be subjective and, on a case-by-case basis, can be very basic or detailed and can let you choose a specific tool or strategy. There is no one-size-fits-all. This week I needed to implement a custom check to monitor the network load/usage on any Windows OS and, instead of looking for a third-party tool and maybe deploying another agent on servers, I wrote a PowerShell script to perform this activity.

Comparing Citrix CVE Verification Tool to a one-liner bash script

Last December NIST announced the vulnerability CVE-2019-19781, and soon after that Citrix published the page “CVE-2019-19781 – Vulnerability in Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance” and released a verification tool to help clients find out whether they were vulnerable or not: “CVE-2019-19781 – Verification Tool”.

A verification tool is addressed to an IT specialist who works with these solutions and needs to quickly assess whether the software or appliance is affected by this vulnerability.