
# Passes VT.
# Does the same job as Out-Minidump with variable names changed.
# https://www.virustotal.com/gui/file/e8cb7b7d4d4e60c3a1b6339227f8df3bd178f2d3f561e12a02fcc22bad6437b8/detection
# Question:
# How would AVs create signatures for interpreted code really?
# Basing signatures on checksums and variable names is useless, as they can be changed trivially without modifying the program's behavior.
function New-Code1 {
Param (
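The question in the comment above (how an AV could sign interpreted code when checksums and variable names are trivially changed) is answered in practice by signing a normalized form of the script rather than its bytes; the PowerShell engine also hands AMSI the script text at run time, after any string-level obfuscation has been resolved. The block below is an added example, not code from this gist, from PowerSploit or from any scanning product: a small Python normalizer that tokenizes a script, drops comments, folds case outside string literals, replaces user-defined function and variable names with placeholders in order of first appearance, and hashes the result. The two scripts are constructed stand-ins (not Out-Minidump), the automatic-variable allowlist is a partial assumption, and a production engine would walk the PowerShell AST instead of using regexes.

```python
"""Structural signature for PowerShell scripts that survives identifier renaming.

Added example (not code from the gist, PowerSploit, or any AV vendor).
Assumptions: a regex tokenizer is adequate for the constructed samples
below; a production engine would normalize the PowerShell AST instead.
The automatic-variable allowlist is deliberately partial.
"""
import hashlib
import re

# Variables whose *name* carries meaning; these are never renamed.
# Partial list (assumption), lower-cased because PowerShell is case-insensitive.
AUTOMATIC_VARS = {"_", "psitem", "pwd", "null", "true", "false", "args",
                  "input", "error", "env", "host", "home"}

# One regex tokenizer: comments, string literals, variables, everything else.
# Alternatives are tried in order, so '<#' is seen as a block comment before
# '<' could be consumed as ordinary text.
TOKEN_RE = re.compile(
    r"(?P<bcomment><#.*?#>)"
    r"|(?P<comment>#[^\r\n]*)"
    r"|(?P<sstr>'(?:''|[^'])*')"
    r'|(?P<dstr>"(?:`"|""|[^"])*")'
    r"|(?P<var>\$[A-Za-z_]\w*)"
    r"""|(?P<text>[^#'"$<]+)"""
    r"|(?P<other>.)",
    re.DOTALL,
)
FUNC_DEF_RE = re.compile(r"\bfunction\s+([A-Za-z_][\w-]*)", re.IGNORECASE)


def normalize(script: str) -> str:
    """Return a canonical text form of the script.

    Comments are dropped, case is folded outside string literals, each
    user-defined function becomes func0, func1, ... and each non-automatic
    variable becomes $v0, $v1, ... in order of first appearance. Whitespace
    is collapsed and removed around structural punctuation.
    """
    func_map = {}
    for m in FUNC_DEF_RE.finditer(script):
        func_map.setdefault(m.group(1).lower(), f"func{len(func_map)}")
    var_map = {}
    out = []
    for m in TOKEN_RE.finditer(script):
        kind, tok = m.lastgroup, m.group()
        if kind in ("bcomment", "comment"):
            continue
        if kind in ("sstr", "dstr"):
            out.append(tok)  # literals kept verbatim: their case and content matter
        elif kind == "var":
            name = tok[1:].lower()
            if name in AUTOMATIC_VARS:
                out.append("$" + name)
            else:
                out.append("$" + var_map.setdefault(name, f"v{len(var_map)}"))
        else:
            low = tok.lower()
            for orig, repl in func_map.items():
                low = re.sub(rf"\b{re.escape(orig)}\b", repl, low)
            out.append(low)
    text = re.sub(r"\s+", " ", "".join(out))
    text = re.sub(r"\s*([{}()\[\],;=|])\s*", r"\1", text)
    return text.strip()


def sha256_hex(data: str) -> str:
    return hashlib.sha256(data.encode("utf-8")).hexdigest()


def file_hash(script: str) -> str:
    """What a plain checksum signature sees: any byte change breaks it."""
    return sha256_hex(script)


def structural_signature(script: str) -> str:
    """What a normalizing signature sees: renames and re-layout do not."""
    return sha256_hex(normalize(script))


# Constructed samples (not Out-Minidump): same behaviour, different identifiers.
ORIGINAL = """\
# Constructed stand-in for a dump helper.
function Out-Sample {
    Param (
        $Process,
        $DumpFilePath = $PWD
    )
    $ProcessId = $Process.Id
    $ProcessName = $Process.Name
    $Target = Join-Path $DumpFilePath ($ProcessName + '.dmp')
    Write-Output $Target
}
"""

RENAMED = """\
<# Renamed variant: identifiers, comments, case and layout all changed. #>
function New-Code1 {
  param($p, $d = $PWD)
  $i = $p.Id        # pid
  $n = $p.Name
  $t = Join-Path $d ($n + '.dmp')
  Write-Output $t
}
"""

# Behaviour actually changes here (an extra command), so the signature must differ.
CHANGED = RENAMED.replace("  Write-Output $t\n", "  Write-Output $t\n  Remove-Item $t\n")

if __name__ == "__main__":
    for label, s in (("original", ORIGINAL), ("renamed", RENAMED), ("changed", CHANGED)):
        print(f"{label:9s} sha256={file_hash(s)[:16]}  structural={structural_signature(s)[:16]}")
    print("normalized:", normalize(ORIGINAL))
```

The file hashes of the two samples differ while their structural signatures match, and the signature changes as soon as the behaviour does. Known gaps, by design of this small example: a variable expanded inside a double-quoted string is not renamed, and an attacker who reorders statements or splits a command into `Invoke-Expression` of concatenated strings defeats text normalization entirely, which is why engines score the AST or the AMSI-visible script rather than one canonical hash.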
@sunnyc7
sunnyc7 / VTUploadRef.ps1
Created October 24, 2019 11:20
AV Bypass Test for existing Powersploit code - with some modifications
# Ref: https://twitter.com/sunnyc7/status/1187231573072064514
# Code Samples Below.
## Renamed Out-Minidump to New-Code. Removed the comment block. Deleted some /r/n
# Virus Total Scan results: https://www.virustotal.com/gui/file/a1a305c14ee78917a336dd6bb57b26a1107583fe1a5115f670387166b50a8fe5/detection
function New-Code {
Param (
$Process,
$DumpFilePath = $PWD
)
@sunnyc7
sunnyc7 / Compare-Browsers.ps1
Last active June 8, 2019 00:33
Browser resource consumption
# Latest browser versions of Opera,Google Chrome,Firefox, MsEdge DEV
# Firefox wins in terms of lowest resource consumption
# This function can be used for random sampling over n days for a longitudinal study
# Test should be repeated with all plugins disabled for all browsers
# Test should be repeated in safe mode.
Function Get-BrowserResourceConsumption {
[cmdletbinding()]
param(
$browser
@sunnyc7
sunnyc7 / haproxy.cfg
Created January 29, 2019 17:32 — forked from GABeech/haproxy.cfg
Stack Exchange HAProxy
# This is an example of the Stack Exchange Tier 1 HAProxy config
# The only things that have been changed from what we are running are:
# 1. User names have been removed
# 2. All Passwords have been removed
# 3. IPs have been changed to use the example/documentation ranges
# 4. Rate limit numbers have been changed to random numbers, don't read into them
userlist stats-auth
group admin users $admin_user
user $admin_user insecure-password $some_password
@sunnyc7
sunnyc7 / README.md
Created January 13, 2019 17:46 — forked from theArjun/README.md
Tower Of Hanoi by Recursion in Java

Tower of Hanoi

How is it solved?

Tower Of Hanoi

Long steps ahead

Steps for Tower Of Hanoi

To know more:

@sunnyc7
sunnyc7 / ReadingAndOtherConsumption.md
Last active February 7, 2019 01:55
Current List of Consummables.

Reading, Video and Audio List

Software

  • Ousterhout, John - A Philosophy of Software Design. Amazon
  • Zinsser, William - On Writing Well: The Classic Guide to Writing Nonfiction On Writing Well Amazon
  • Stephen Orban - Ahead in the Cloud: Best Practices for Navigating the Future of Enterprise IT (Kindle Books) Amazon

Management

  • Grove, Andy. High Output Management. Amazon
  • Forsgren PhD, Nicole, Humble, Jez, Kim, Gene - Accelerate: The Science of Lean Software and DevOps: Building and Scaling High Performing Technology Organizations [Amazon](https://www.amazon.com/Accelerate-Softw
@sunnyc7
sunnyc7 / ConvertXLS.ps1
Created November 19, 2018 22:05 — forked from gabceb/ConvertXLS.ps1
Powershell script to convert all xls documents to xlsx in a folder recursively
$xlFixedFormat = [Microsoft.Office.Interop.Excel.XlFileFormat]::xlOpenXMLWorkbook
write-host $xlFixedFormat
$excel = New-Object -ComObject excel.application
$excel.visible = $true
$folderpath = "C:\Users\gabceb\Documents\testXLS"
$filetype ="*xls"
Get-ChildItem -Path $folderpath -Include $filetype -recurse |
ForEach-Object `
{
$path = ($_.fullname).substring(0, ($_.FullName).lastindexOf("."))
# Rewrite poolsnap.log in place without its blank lines
(cat poolsnap.log) | ? {$_.trim() -ne "" } | sc poolsnap.log
# Skip the header row, then split each data row on runs of whitespace.
# A row that starts with whitespace yields an empty first field, which is
# discarded into $junk; the remaining fields map onto the column names.
cat .\poolsnap.log | Select -Skip 1 | foreach {
$op = ""| Select Tag,Type,Allocs, Frees,Diff,Bytes,PerAlloc
$junk, $op.Tag, $op.Type, $op.Allocs, $op.Frees, $op.Diff, $op.Bytes, $op.PerAlloc = $_ -split "\s+"
# Strip braces and commas from the per-allocation field so it is a plain number
$op.PerAlloc = [string]$op.PerAlloc -replace "{|}|,", ''
$op
}

Thoughts on Monitoring - Packets Received Discarded using Log Analytics.

or How to capture and remedy buffer exhaustion in NICs

Log Analytics query

Perf
| where TimeGenerated > ago(1d)
| where ObjectName == "Network Interface" and CounterName == "Packets Received Discarded"
| where CounterValue > 10
| summarize count() by Computer, InstanceName 
@sunnyc7
sunnyc7 / Example_WMI_Detection_EventLogAlert.ps1
Created September 21, 2018 21:38 — forked from mattifestation/Example_WMI_Detection_EventLogAlert.ps1
An example of how to use permanent WMI event subscriptions to log a malicious action to the event log
# Define the signature - i.e. __EventFilter
$EventFilterArgs = @{
EventNamespace = 'root/cimv2'
Name = 'LateralMovementEvent'
Query = 'SELECT * FROM MSFT_WmiProvider_ExecMethodAsyncEvent_Pre WHERE ObjectPath="Win32_Process" AND MethodName="Create"'
QueryLanguage = 'WQL'
}
$InstanceArgs = @{
Namespace = 'root/subscription'