- IntelliSIEM and Test-Driven Development: Creating Robust Error Handling and Log Rotation
Previously, we implemented a basic testing framework to start handling data errors, corrupt data, and edge cases. In Part 4, we're going to kick it up a notch. It's time to implement robust error handling for each discrete task! We left off having implemented a basic testing framework to drive code implementation for edge cases…
- Implementing TDD in IntelliSIEM: Handling Edge Cases and Errors
Previous entries in this series covered the initial tool setup and testing of the environment, establishing the structure of the project, initial tests, and connecting to APIs. In this third entry, we're going to enhance our testing approach through a Test-Driven Development (TDD) methodology to build a more robust and reliable system. Initially, our tests…
- Setting Up the Core of IntelliSIEM – Structure, TDD, and API Connection
Part 1 of this series covered the initial tool setup and testing of the environment. In Part 2, we're going to dive into structure, tests, and API connections. In this post, I'm excited to dive into the development of IntelliSIEM's data collection module. This step is crucial as it lays the foundation for how we will…
- Getting Started with IntelliSIEM: Setting Up the Development Environment
Welcome to the first post in my series chronicling the development of IntelliSIEM, a robust threat intelligence aggregator and reporter tool. In this post, I'll guide you through setting up the development environment using Python 3.12 and PyCharm Professional. To see this project in its current state, head over to my repo and check it…
- A Year Later: Settling In and Starting Fresh
Hello, Bite Size Bytes readers! It's been a while since my last post, and a lot has happened in the past year. I've recently moved to a new area, which has been a big adjustment and an exciting adventure. Settling in took some time, but I'm now back and ready to dive into new projects…
- YubiKey Passthrough on VMware Workstation and VMware Fusion
With the increasing support of MFA using security keys to authenticate in services like GitHub, M365, Google, AWS, Salesforce, and many others, coupled with the prevalent use of VMware desktop virtualization for development and testing, it is more and more of a need to get YubiKeys to pass through to a guest VM. This process does…
- Using XAML (WPF) To Build A PowerShell GUI
PowerShell speaks WPF and that means you can build a XAML-based GUI for your PowerShell script. It's easy to do – here's a small demo: [code lang="text"] Add-Type -AssemblyName PresentationFramework [xml]$XAMLForm = @" <Window xmlns="http://schemas.microsoft.com/winfx/2006/xaml/presentation" Title="XAML Form" Height="150" Width="320"> <Canvas> <Label Content="Simple XAML Form. Click button to exit." HorizontalAlignment="Left" Height="30" Margin="10,10,0,0" VerticalAlignment="Top" Width="275" FontWeight="Bold" FontSize="14"/>…
- Run a PowerShell command based on OU Membership
Admit it. Be honest now. We've all done it. We've run a command against a batch of users and forgot to limit the scope to the ones we were really targeting. I recently had to write a small PowerShell-based application that loads all the users in a domain (filtered to exclude service accounts and admins)…
- Navigate AD with PowerShell
Some environments have multiple domains in a single Active Directory forest. Working with PowerShell in the same domain as your user account is easy, but what do you do when you need to run PowerShell commands in one of the other domains? Change context. PowerShell can traverse AD as a file system, and this allows…
- Who's really running that PowerShell instance?
I've been writing a lot of custom applications lately, many using PowerShell and then packaged using Sapien's PowerShell Studio. Something that I've had to do a few times lately is provide applications to allow a non-privileged user to manipulate a user account in a different domain. There are a few pieces that go into this,…
About Me
As a seasoned IT professional, I have developed an extremely well-rounded breadth and depth of knowledge and an exceptional ability to decipher and communicate complex issues. I have years of proven experience in IT leadership roles, security auditing, digital forensics, and overseeing development of custom applications, rounded out with a Bachelor of Science degree in Information Technology emphasizing Software Development. Over the course of my career, I have successfully held certifications as a GIAC Certified Incident Handler (GCIH), as well as CIW, CompTIA, and assorted Microsoft programming and networking certs. I have presented at the 2019 CETPA Conference in Anaheim and the 2021 CITE Conference in Sacramento.