BAGLO'S NOTES
NotesAbout

Explore My Collection of Notes!

Detecting MITM attacks with Microsoft Sentinel

January 2024

|

azure

cybersec

Lately there has been an increased focus on Man-In-The-Middle (MITM) attacks, highlighting the limitations of traditional Multi-Factor Authentication (MFA) as a comprehensive solution for account security. Easy-to-use tools, like Evilginx, have made it simpler for adversaries with different skills to carry out phishing attacks with little effort. This has led to the adoption of phishing-resistant MFA methods, such as FIDO2 security keys or Windows Hello for Business.

ShareX - What I like and my config

August 2021

|

tool

I had been using the built-in Snipping Tool for a long time since I found it so intuitive and easy to work with. However after looking at other screenshots, where steps were numbered, lots of arrows, and fancy blurring, I figured I should look for a better alternative and found ShareX.

Writeup: PHST 2021

April 2021

|

ctf

writeup

Another great CTF event hosted by https://pst.no, this time with an Easter theme 🐣! I got some more experience with OSINT, reading and understanding source code, and scripting.

Writeup: NPST 2020

January 2021

|

ctf

writeup

This is my writeup of the challenges and easter eggs I managed to complete in PST's CTF advent calendar, NPST 2020 🎅. By the end I solved 11 challenges and 5 easter eggs.

Tools for the Microsoft Cloud

November 2020

|

tool

azure

After hours on Twitter I have come across a lot of tools with different purpose. This note will highlight some of those I have come across that is made for the Microsoft Cloud!

🔔🐦LogiCanary: Using Azure Logic Apps to recreate Canarytokens

August 2020

|

azure

cybersec

Canarytokens is a free, easy-to-implement and set-n-forget tool to get alerted when someone triggers them. Let's look at how they work and how to make our own custom with Azure Logic Apps.

Cybernoise: Creating my notes with Hugo, Github Action and Azure

August 2020

|

dev

azure

I have the last couple of years been reading a lot of articles, blogs and posts learning about the current subject I am curious about. That inspired me to have a go at it!

📦 Hack The Box: Traceback

July 2020

|

ctf

htb

writeup

A writeup of the box Traceback from Hackthebox. Not the hardest box but managed to get SSH access as both user and root, not just read the flags. Also showed a cool way to exfiltrate data with GET requests.