curben
/
blog
mirror of https://gitlab.com/curben/blog
1
0
Fork 0
Code Issues Releases Wiki Activity
1,383 Commits 4 Branches 0 Tags 39 MiB
Commit Graph

1383 Commits

Author SHA1 Message Date
Ming Di Leom cd2a742df9
page(threat-hunting): CobaltStrike detection through network share discovery 2025-04-06 11:49:47 +00:00
Ming Di Leom b7abc47a5c
page(threat-hunting): New Network Share detected 2025-04-06 11:43:44 +00:00
Ming Di Leom fb69f36eb2
page(threat-hunting): tailscale detection 2025-04-06 11:02:51 +00:00
Ming Di Leom 4dd73a7f77
post: Running Tailscale in GitLab CI/CD with Alpine container 2025-04-06 08:42:41 +00:00
Ming Di Leom 3de900c5d3
ci(gl): start tailscaled as ephemeral node 
https://tailscale.com/kb/1278/tailscaled#flags-to-tailscaled
 2025-04-05 07:24:27 +00:00
Ming Di Leom 205d3fd854
chore(license): update year 2025-04-04 22:07:59 +00:00
Ming Di Leom 3f88d3dc20
page(threat-hunting): InnoDownloadPlugin user-agent observed 2025-04-01 09:27:20 +00:00
Ming Di Leom e731f85296
ci(gl): start tailscaled without openrc 
https://stackoverflow.com/questions/78269734/is-there-a-better-way-to-run-openrc-in-a-container-than-enabling-softlevel
 2025-03-30 09:32:21 +00:00
Ming Di Leom 3fa8c33ea5
page(threat-hunting): ClickFix detection 2025-03-29 07:35:17 +00:00
Ming Di Leom db84c03325
chore(rmm-monitor): TightVNC 2025-03-29 06:58:46 +00:00
Ming Di Leom 443c7ecd18
ci(gl): deploy via tailscale 
workaround provided by https://github.com/tailscale/tailscale/issues/11628#issuecomment-2039012828
 2025-03-28 10:22:53 +00:00
Ming Di Leom 0f02802ebd
ci(gl): base64-decode variables 2025-03-17 08:02:57 +00:00
Ming Di Leom f36554abe8
feat(threat-hunting): Defender Incident 2025-03-13 10:08:59 +00:00
Ming Di Leom f2b06016c1
feat(threat-hunting): Regasm.exe execution 2025-03-08 07:23:15 +00:00
Ming Di Leom 556ee14d9f
feat(threat-hunting): Excessive RDP 2025-02-26 05:47:41 +00:00
Ming Di Leom ec7268cf85
chore(threat-hunting): updated date 2025-02-16 10:18:04 +00:00
Ming Di Leom b5a08380d4
feat(threat-hunting): WinrsHost.exe execution 2025-02-16 10:17:08 +00:00
Ming Di Leom 7da3ce2538
feat(threat-hunting): CDB.exe execution 2025-02-16 10:15:05 +00:00
Ming Di Leom 976d1457d1
chore(rmm-monitor): RealVNC & Dameware 2025-02-16 10:04:07 +00:00
Ming Di Leom 9ea18b1495
page(threat-hunting): cmd without extension 2025-02-08 01:07:45 +00:00
Ming Di Leom 9c02132f68
page(threat-hunting): "Rundll32 Scheduled Task" 2025-02-03 06:46:56 +00:00
Ming Di Leom afbf7f6428
page(threat-hunting): SimpleHelp,Netop,Impero 2025-02-03 06:31:29 +00:00
Ming Di Leom 42ba8a01de
page(threat-hunting): rename snow_cmdb_lookup to cmdb_ci_list_lookup 2025-02-03 06:24:49 +00:00
Ming Di Leom 7e161ee130
post(atlassian-jira-sso): clarify agent is a paid user 2025-02-02 21:33:40 +00:00
Ming Di Leom 5ad8199507
post: Atlassian and Jira portal-only SSO 2025-02-02 00:11:17 +00:00
Ming Di Leom ea7d24b3c0
page(threat-hunting): move status monitor to gitlab 
https://gitlab.com/curben/splunk-scripts/-/blob/main/itsi_im_metrics/savedsearches.conf
 2025-02-01 03:35:43 +00:00
Ming Di Leom 16b0ed9e69
chore(robots): exclude non-pages 2025-01-28 09:24:07 +00:00
Ming Di Leom d25e9662ab
page(threat-hunting): "Unusual printui.exe path" 2025-01-28 08:59:40 +00:00
Ming Di Leom 6c2d590207
post(caddy-nixos-3): intercept http 302 on gitlab pages 2025-01-26 06:37:44 +00:00
Ming Di Leom b9c3b803e8 Merge branch 'renovate/postcss-normalize-13.x' into 'master' 
chore(deps): update dependency postcss-normalize to v13

See merge request curben/blog!31
 2025-01-22 08:35:52 +00:00
Ming Di Leom 3b8006dfd4
ci(gl): run build & test jobs in MR 2025-01-21 10:45:32 +00:00
Ming Di Leom 86ece47eca Merge branch 'renovate/node-22.x' into 'master' 
chore(deps): update dependency node to v22

See merge request curben/blog!30
 2025-01-21 10:14:35 +00:00
Ming Di Leom ec24fc8cb1
post(caddy-nixos-3): cloudflare images for image resizing 2025-01-19 07:29:51 +00:00
Ming Di Leom 9d88e33f02
post(caddy-nixos-3): remove more headers 2025-01-19 06:39:15 +00:00
renovate 21a61055f1 chore(deps): update dependency postcss-normalize to v13 2025-01-19 04:02:11 +00:00
renovate 44efcd41c8 chore(deps): update dependency node to v22 2025-01-19 04:02:09 +00:00
Ming Di Leom 5d0edadb2a
style(theme): move gitlab link to footer 2025-01-18 10:18:13 +00:00
Ming Di Leom 11da1f9216
page(about): remove teddit 2025-01-18 10:16:04 +00:00
Ming Di Leom b75c9eaf91
fix(heading-link): follow upstream example 
https://marked.js.org/using_pro#renderer
 2025-01-16 11:19:38 +00:00
Ming Di Leom cc675429b8
fix(heading-link): compatibility with marked v15 
https://github.com/hexojs/hexo-renderer-marked/pull/305
 2025-01-16 10:28:53 +00:00
Ming Di Leom bd36476125
page(threat-hunting): some queries require custom data model 2025-01-15 11:06:33 +00:00
Ming Di Leom a9c575817e
page: Splunk Threat Hunting 
migrated from https://gitlab.com/curben/splunk-scripts/-/tree/main/threat-hunting
 2025-01-15 10:59:11 +00:00
Ming Di Leom 83ec4d11e8
style: disable markdown auto-format 
does not support hexo codeblock
 2025-01-15 10:51:48 +00:00
Ming Di Leom a3dbad82db
post(caddy-nixos-3): dedup config 2025-01-15 08:44:54 +00:00
Ming Di Leom 1b55924a30
chore(headers): update permissions-policy 2025-01-14 09:14:12 +00:00
Ming Di Leom 8807522149
post(splunk-app-update): update title 2025-01-05 00:32:10 +00:00
Ming Di Leom 5e7228b28c
post(splunk-app-upgrade): update title 2024-12-20 09:43:13 +00:00
Ming Di Leom e37e79b21f
post: Splunk app-level changes during an app upgrade 2024-12-12 09:46:16 +00:00
Ming Di Leom 613682c389
page(about): links to splunk threat hunting 2024-10-29 07:19:47 +00:00
Ming Di Leom b79f818ac5
fix(highlight.js): conf lang/alias does not exist 2024-10-12 22:32:46 +00:00