My last story was a short script that takes MAC addresses in, and returns the OUI portion of that, along with the vendor who corresponds to that OUI. (https://isc.sans.edu/diary/Mining+MAC+Address+and+OUI+Information/25360) Today we’ll port that to PowerShell as a function and use that on a live network for some “hunting” to look for odd things.
Article Link: https://isc.sans.edu/diary/rss/25404