Category Archives: something different

04Jul/18

I was re-awarded as a Microsoft MVP, but I’m leaving the program

On July 1, I was notified that I was I was re-awarded as a Microsoft Most Valuable Professional (MVP)! Being an MVP is an enormous privilege, and has been a huge benefit to me professionally. If you’re not familiar with the MVP Program, it’s basically an award given to independent technologists who share technical knowledge with the community. That might mean blogging, public speaking, creating videos, being active on social media, answering questions on technical forums, or lots of other things.

In addition to a cool glass trophy, being an MVP comes with a bunch of other perks like an MSDN subscription, an O365 license, Azure credits, and other assorted swag and gifts. The biggest benefit by far, though, is access to NDA-protected mailing lists, and the networking opportunities to connect with other MVPs and full time Microsoft employees.

This is my fourth MVP award, and since April 2015, I’ve had the distinct pleasure of getting to know the most incredible people, mentor others, be mentored, influence the products Microsoft makes, and share thousands of hours of effort in the form of books, blog posts, public speaking, and other ways of giving back to the community that’s helped me so much. Through being an MVP, I’ve met great people who have helped me in my career tremendously. I’m grateful to all of them.

On that note, as of July 9, 2018, I won’t be eligible for the MVP program any more and therefore will have to give up my status as an MVP.

One of the conditions for being a Microsoft MVP is that you aren’t a Microsoft employee. This spring, I accepted a position at Microsoft as a Senior Security Service Engineer, and will be starting on Monday, July 9! I’ll be joining an immensely talented team doing fascinating work, applying my skills in the area of scripting and automation, and helping guide their growing DevOps habits.

I couldn’t possibly be more excited.

As a small note, I’ll be relocating to the Seattle area this summer, and getting my feet under me in this new position, so the weekly streak of blog posts I’ve been able to uphold for over a year is likely to be interrupted. I’ll still be posting, but perhaps not quite as frequently. Just because I’m not going to be an MVP any more doesn’t mean I’m not still committed to sharing information and helping the technical community any way I can.

23May/18

Display All The Claims For A User Visiting Your .NET Core Azure Web App

Regular visitors of this blog are used to seeing PowerShell and DevOps content, and this is a little bit of a divergence since it’s written in C#, and it’s a .NET Core MVC Azure Web App, but if it found itself on my plate, maybe it will find itself on yours. I was tasked with writing an Azure Web App that users would visit, sign into using their Azure Active Directory (ie: “Work or School”) account, to test if their Conditional Access and MFA was configured properly. Once logged in, a little information about the user is displayed.

Here’s how to pop all the claim information for an authenticated user into a Razor Page.

Continue reading

03Jan/18

HackTheBox.eu Walkthrough – Apocalyst

If you’re a frequent reader of my blog, you know that I mostly post about PowerShell, Microsoft related automation, and that sort of thing. In a previous life, however, I thought I wanted to make a career out of infosec – particularly penetration testing and red team type of stuff. I’m super happy with where my career went instead, but from time to time, I enjoy attempting to knock some of the rust off my ethical hacking/pentesting skills (what little of them there are), and trying my hand at some vulnerable by design boxes. Since it’s the holiday season, I decided to switch things up a little bit for the last couple blog posts.

HackTheBox.eu offers a cool variety of vulnerable by design virtual machines for people to practice their pentesting skills against. There are strict rules about sharing spoilers for “active” boxes, but there are only so many of those, and lots of “retired” boxes are available as well. In today’s post I’m going to share a walkthrough of how I did the retired box “Apocalyst”.

Continue reading

27Dec/17

HackTheBox.eu Walkthrough – Blocky

If you’re a frequent reader of my blog, you know that I mostly post about PowerShell, Microsoft related automation, and that sort of thing. In a previous life, however, I thought I wanted to make a career out of infosec – particularly penetration testing and red team type of stuff. I’m super happy with where my career went instead, but from time to time, I enjoy attempting to knock some of the rust off my ethical hacking/pentesting skills (what little of them there are), and trying my hand at some vulnerable by design boxes. Since it’s the holiday season, I decided to switch things up a little bit for the next couple blog posts.

HackTheBox.eu offers a cool variety of vulnerable by design virtual machines for people to practice their pentesting skills against. There are strict rules about sharing spoilers for “active” boxes, but there are only so many of those, and lots of “retired” boxes are available as well. In today’s post I’m going to share a walkthrough of how I did the retired box “Blocky”.

Continue reading

20Dec/17

HackTheBox.eu Walkthrough – Europa

If you’re a frequent reader of my blog, you know that I mostly post about PowerShell, Microsoft related automation, and that sort of thing. In a previous life, however, I thought I wanted to make a career out of infosec – particularly penetration testing and red team type of stuff. I’m super happy with where my career went instead, but from time to time, I enjoy attempting to knock some of the rust off my ethical hacking/pentesting skills (what little of them there are), and trying my hand at some vulnerable by design boxes. Since it’s the holiday season, I decided to switch things up a little bit for the next couple blog posts.

HackTheBox.eu offers a cool variety of vulnerable by design virtual machines for people to practice their pentesting skills against. There are strict rules about sharing spoilers for “active” boxes, but there are only so many of those, and lots of “retired” boxes are available as well. In today’s post I’m going to share a walkthrough of how I did the retired box “Europa”.

Continue reading