Tech – Page 14 – securitygems.com

Windows Defender Scan with Command line

Type the following command to open the antivirus tool location and press *Enter*:
– cd C:\ProgramData\Microsoft\Windows Defender\Platform\4.18*
Type the following command to perform a custom antivirus scan and press *Enter*:
– MpCmdRun -Scan -ScanType 3 -File PATH\TO\FOLDER-FILES – In the command, make sure to specify the path to the folder you want to scan. – For example, this command scans the “Downloads” folder: – MpCmdRun -Scan -ScanType 3 -File C:\Users\username\Downloads
www.windowscentral.com/how-use-windows-defender-command-prompt-windows-10#custom_scan_cmd_defender

Global DNS Propagation Checker

Check if your DNS propagated across the globe.
www.whatsmydns.net/

log collection, storage, and searching

From the Bored Hacker Blog www.boredhackerblog.info/2021/12/noteslinks-about-log-collection-storage.html
…
*Gathering & shipping logs:*
For Windows Event Logs:
– fluentbit – docs.fluentbit.io/manual/pipeline/inputs/windows-event-log
– fluentd – docs.fluentd.org/input/windows_eventlog
– nxlog – nxlog.co/docs/nxlog-ce/nxlog-reference-manual.html#im_msvistalog
– winlogbeat – www.elastic.co/downloads/beats/winlogbeat-oss
– promtail – grafana.com/docs/loki/latest/clients/promtail/scraping/#windows-event-log
…
While doing more research, I came across clickhouse (which is also supported by some of the tools above) (clickhouse.com/) Clickhouse can store json data and you can do sql queries on that data.
I also came across cloki, which is using clickhouse but emulating loki ( github.com/lmangani/cloki)
The backend is a clickhouse database and you push logs into loki emulator, just like you’d push logs into loki. cloki also supports the same query language as loki and will work with grafana loki connector.
…
*Sample logs:*
To play with any of the tools above without making changes in production env, you can use sample logs or data sources.
github.com/logpai/loghub – github repo that links to several sample logs
www.secrepo.com/ – logs related to security. there are some network traffic logs in there
www.sec.gov/dera/data/edgar-log-file-data-set.html – EDGAR log files
log-sharing.dreamhosters.com/ – various log files
www.logs.to/ – log generator (various types)
github.com/mingrammer/flog – log generator
certstream.calidog.io/ – certificate transparency logs
www.hivemq.com/demos/websocket-client/ / broker.mqttdashboard.com – If you want to grab MQTT demo data. I’m pretty sure people are using this for free for their projects too…

Awesome Threat Intel Links

From the kind offering of hslatman.
github.com/hslatman/awesome-threat-intelligence
Maybe, DNSTrails is for you!

Security Testing domains

Get a domain and log dns requests dnslog.cn/
Monitor Service for security testing ceye.io/
Tokens canarytokens.org

Simple Time web page

Get the time here: chronic.herokuapp.com/utc/now
Source Code here: github.com/progrium/timeapi/tree/master

Run powershell from batch bat command line

Running Powershell from a batch file can be a bit fiddly. Fortunately, Daniel S. has provided all the details. blog.danskingdom.com/allow-others-to-run-your-powershell-scripts-from-a-batch-file-they-will-love-you-for-it/
Additional info available as well. stackoverflow.com/questions/19335004/how-to-run-a-powershell-script-from-a-batch-file stackoverflow.com/questions/46070152/how-to-run-powershell-command-in-batch-file/65911978#65911978 devblogs.microsoft.com/scripting/powertip-start-hidden-process-with-powershell/

password tip

Not sure this would work 100%, but it’s an interesting idea.
[image: image.png]

online web validators

blueblots.com/tools/website-validation/

Top Public DNS Resolvers

tag:FREE The wizards over at DNSPERF <www.dnsperf.com/#!dns-resolvers>have some performance metrics on public dns providers.
Follow the links to pick some new DNS servers. Or, configure some of the security features that come with the services like blocking Ads and the baddies.