Next Projects to Investigate

5th February 2021

PowerShell Win Reporting; security alerts sent to M$ Teams! easy to install?

If installing a package or module gives errors, you may need to enable TLS 1.2 as described here

Set-ExecutionPolicy Unrestricted
Install-PackageProvider -Name "NuGet"
Install-Module PSTeams
Install-Module PSEventViewer
Install-Module PSWinReporting
Install-Module PSWriteColor
Install-Module ImportExcel
Install-Module PSSlack
https://evotec.xyz/hub/scripts/pswinreporting-powershell-module/

RaspberryPi Kiosk display; none of these can supply username/pw
Anthias(Screenly); Easy Install from RaspberryPi Imager.
YoDeck; works w 4k monitors, power on/off, complex, use left video jack. Working well for 6months+, some tweaking to get settings right. PRTG monitor can make a Read Only account with no creds required. Freemium 1user 1sign
Home Assistant; made for IoT but versatile dashboard
info-beamer.com; 1sign 1Gb
PiSignage; has trouble with 4k displays
DigitalSignage.com; free, their hardware only
concerto-signage.org; last update 2017? unofficial pi support
display-monkey; windows only
MangoSigns; freemium 1user 1sign
ScreenHub; $477/mo includes a 4×8′ outdoor display
RiseVision; free version does not cache content locally
opensignage.com; their hardware or HTML5 w interactive signin
intuiface; overly complex

Synology NAS as a LDAP / Domain Controller

OPNsense / pfSense as backup firewall, automatic failover

NEMS monitor on RasPi 4, in a hub-and-spoke hierarchy, in a VM on VMware 7 ARM.

VMware ESXi on RasPi4 https://my.vmware.com/group/vmware/downloads/get-download?downloadGroup=ESXI-ARM can connect to OMV/NFSv4 share but can’t write data, need to check file perms?? Update: VMware is dropped due to high costs.

GeoFiltering with Windows firewall; see work from home

NextCloud as SSL VPN alternative Update: see TailScale/Wireguard

Veeam free VM backup solution https://www.veeam.com/virtual-machine-backup-solution-free.html

Wireguard modern VPN vs IPSec. Wireguard is similar to tunnel mode, no user auth. see TailScale

BitWarden OpenSource, SelfHosted https://bitwarden.com/ allows importing from LastPass SAAS working well for 1yr, auto-fill has been updated.

HoneyPot + Canary tokens

Cockpit + SambaGui
Fix for broken updates here https://caissyroger.com/2020/10/05/cockpit-cannot-refresh-cache-whilst-offline/

feather sense as a VR input device; has cpu, 9 DoF sensor, bluetooth

VMware + Microsoft Credential Guard

Ansible + RunDeck or AWX/Tower or Playable or Semaphore or Jenkins GUI.
RunDeck on Ubuntu install

AirTable.com

OpenHab/MQTT + Sonoff Mini has DIY jumper to flash Tasmota firmware

https://inteltechniques.com/blog/

https://simplelogin.io/?slref=osint email alias like mailinator.com allows replies.

https://www.youtube.com/channel/UCgTNupxATBfWmfehv21ym-g some don’t exist anymore

ZoneMinder for Video Mgt System certain manufacturers make good hardware but their software hasn’t been updated in years. 🙁

Antsle Virtualization on Raspberry pi 4, +distributed storage, free acct is personal only. AntMan Hypervisor. Swagger cloud automation for Antsle

HoneyDocs and CyberDeception https://canarytokens.org/generate# Tested good. An alert from office public IP is not useful info.

HoneyAccounts login once to update the lastlogon date. set the pw to stupidly long string, auto change vlan to wifi?

How to detect Kerberoasting w HoneyAccounts and Canary Tokens

RITA https://www.activecountermeasures.com/free-tools/rita/

safepass.me

Chia crypto disk farming; all connections from Russia or China. Uninstalled.

Anything Persistence of Vision (POV)

Keyboard jacking via CrazyRadio PA https://null-byte.wonderhowto.com/how-to/inject-keystrokes-into-logitech-keyboards-with-nrf24lu1-transceiver-0197099/

GPS spoofing via a USB3 to VGA converter https://hackaday.com/2018/04/23/spoofing-cell-networks-with-a-usb-to-vga-adapter/

Rules to prevent & report email forwarding; M$ can do this via SecurityScore https://www.csoonline.com/article/3148823/10-essential-powershell-security-scripts-for-windows-administrators.html

Snappy Driver Installer, portable app

Cloud SSO; Ping, (Okta big data breach, wait and see)

CSET https://www.youtube.com/results?search_query=cset+cybersecurity+evaluation+tool+ it installs SQLite and creates a website so multiple people can work on the document simultaneously. Why isn’t this a text document?

TinyPilot a TCP KVM based on RasPi here Put 1 at ea client site. something wrong with your iPhone? plug it in and point the camera at phone.

TailScale an easier to use version of WireGuard p2p vpn/Overlay Network, free for personal, charge for team/business. Interested if you can mix and match pieces of this and Wireshark to keep it free. sounds great for remote user support.

Wazuh HIDS, the reporting dashboards look great and managers love their dashboards.

An easy to use Ansible Gui. When I cobble together a reliable solution, I typically need to hand it off to someone else, a GUI makes that possible/easier. Ansible Tower is developed on RedHat and supposedly works on Debian. Semaphore is Debian native https://computingforgeeks.com/install-semaphore-ansible-web-ui-on-ubuntu-debian/
Rundeck has Ansible + other components, nice gui.

How to SSH to an iPhone here https://osxdaily.com/2011/08/04/ssh-to-iphone/

Home Assistant to Paradox Alarm panel https://hometechtime.com/how-to-integrate-a-paradox-alarm-with-home-assistant-using-the-paradox-ip150/

Project Red Team blue team testing tool, open source

Packet Fence Network Access Control, Open Source

Pritunl OpenVpn + WireGuard tunneling, web interface, multi-client

AgentDvr by iSpy Motion etc

ISPConfig web console for DNS + Zone Transfers for backup DNS

Test this cheap hosting https://www.ssdnodes.com/pricing/