HOWTO: Determine if an Office Update is installed on Win7

Previously, I would check the following registry location for Office updates: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall There are entries something like: {90140000-0011-0000-0000-0000000FF1CE} I would then use a reporting tool to look for this to identify where office updates are installed. (LANSWEEPER is a great tool for this kind of reporting) Recently I needed to do this for an Office… Continue Reading



Blatant promotional post: Patch and Vulnerability Management as a service

NETSYNTROPY – Mission statement: Our goal is to provide a complete simple to implement solution to solve for information security. Many large companies have security operations centers, an operational security response team, with large budgets and many layers of process, technology and end user training. At NETSyntropy we aim to provide a combination of information… Continue Reading



Chinese IOT firm siphoned text messages and call records.

This article is the reason why I do not fully trust Andoid phones.. All of us need to be wary of cheap tech, you never know what will come bundled with affordable technology. https://krebsonsecurity.com/2016/11/chinese-iot-firm-siphoned-text-messages-call-records/    


Fixing high Windows memory usage caused by large metafile

If you are having a windows 2012 server that seems to need rebooting from time to time and goes unresponsive, you may want to consider downloading RAMMAP and seeing if the “Metafile” is quite large when the server has been on for some time. This can happen on file servers with a lot of activity… Continue Reading


Long Term packet captures using Wireshark.

Over the years I used wireshark to capture packet traces on windows devices. It did the job and for the most part was an invaluable tool. Until that is, I had the need to capture packets over a period of time. Usually when troubleshooting an intermittent network problem. Just when I needed the tool to… Continue Reading


Improving MSSQL performance

After hearing of complaints of poor application performance for one of my clients Healthcare Referral systems, i started looking into the underlying infrastructure only to find that there was no smoking gun. I ran some queries to see how the memory was being consumed by MSSQL since task manager pretty much just shows allocation, not… Continue Reading


Volatility – An advanced memory forensics framework

Are you involved in an Incident response engagement and need some free tools to complete your job? I have had good luck with Volatility Framework used in conjunction with Hibernation of the suspect endpoint. The Volatility Framework is a collection of tools, implemented in Python under the GNU General Public License (GPL v2), for the… Continue Reading


Building scalable web applications to a Windows IIS farm? Here is the solution to replicating the IIS metabase, SSL certs, Bindings, and code.

Web Deploy 3.5, the answer to scalability with web farms. http://www.iis.net/downloads/microsoft/web-deploy Similar to the use of Chef or Puppet, you can use Web Deploy 3.5 to push web server configuration and content to all you web servers in your farm. Previously i used IISCnfg to handle this back in the IIS6 days, but haven’t needed to do… Continue Reading