Topics include Machine Learning, Network Monitoring, Active Directory and More…
Special thanks to Robin Dadswell, Prasoon Karunan V, Kiran Patnayakuni and Kevin Laux
by Joost Jansen on 9th February
This blog provides a ‘look behind the scenes’ at the RIFT Data Science team and describes the process of moving from the need or an idea for research towards models that can be used in practice. More specifically, how known and unknown PowerShell threats can be detected using Windows event log 4104. In this case study it is shown how research into detecting offensive (with the term ‘offensive’ used in the context of ‘offensive security’) and obfuscated PowerShell scripts led to models that can be used in a real-time environment.
by @tseknet on 29th August
This post covers how you can write SCCM logs to the Event Log for an OS upgrade task sequence file (smsts.log), but this script can be adapted to take any log file and write the contents to the Event Log.
by Nick Richardson on 31st August
In this post, we are going to set up NetNeighbor Watch on a Raspberry Pi. NetNeighbor Watch can keep an eye on your network and send you an email when a new host is discovered. NetNeighbor Watch is written entirely in PowerShell. The results are very similar to those of arpwatch. NetNeighbor Watch is for anyone who wants more visibility into the wireless or wired devices on their network.
by Paolo Frigo on 2nd September
In this article you will find something totally different: I wanted to take the opportunity to help somebody solve a real case of a Virtual Printer that was causing issues for users and the ops team. The printer needed to be monitored with a living-off-the-land approach, so without adding any software solution, just a few scripts.
by Przemyslaw Klys on 2nd September
This blog post covers a function called Get-WinADGroupMember. When you use it with a single parameter group it is basically a replacement for Get-ADGroupMember -Recursive.
u/nkasco shares a tool he has been working on, and the best part is that it is free.
@PowerShell_Team has started the release process for #PowerShell 7.1 preview 7 built on .NET 5 preview 8.
In this video, I show how to get started with Jupyter Notebooks and PowerShell. I first go over the web interface for Jupyter and how to use .NET Interactive to run PowerShell scripts in notebooks. I then go into Azure Data Studio to show how to build notebooks with a richer PowerShell experience. Finally, I show how to build PowerShell notebooks using the Visual Studio Code Insiders edition and the preview edition of the PowerShell extension.