The security of Active Directory will always be a hot topic. AD contains all your identities/structure and isn’t something you want anyone accessing. In traditional models, a common threat was that your users could query AD using net /domain commands.....
PowerShell brings automation, and automation can be key to running an environment. The problem is, if it isn’t controlled, “automation” can be used against you......
Malicious parties might choose to encode their commands or scripts. The reason is that if your auditing isn't up to scratch, it may go unseen. In some cases it can also help bypass the AV....
Password managers are brilliant! They allow users to create and use complex passwords because they give us a nice secure place to store them. Using password managers can also prevent users from writing them down or reusing passwords, which is a huge deterrent against hackers looking to compromise your accounts. It's a win, win....or … Continue reading Stealing Passwords From Clipboard
I've combined all of my current scripts into one to allow easy execution. To see the script, visit: https://github.com/securethelogs/Securethelogs/blob/master/README.md
Read the article here: https://securethelogs.com/hacking-with-powershell-red-team/
Live Network Scanner: PSPanner: https://securethelogs.com/pspanner-network-scanner/
Network Scanner (With Event Logging for SIEMs): PSWatcher: https://securethelogs.com/pswatcher/
PSBruteZip allows you to brute force your way into Zip files should you have forgotten the password. A prerequisite is that 7-Zip is installed, as it uses their commands. Their function is better than Windows (I find).
Powersosh is a module which can help you do simple OSINT to find profiles online.
Read the article here: https://securethelogs.com/hacking-with-powershell-blue-team/