This tutorial aims to help you get PowerShell logs from your endpoints into your SIEM to protect you from modern PowerShell abuse. https://www.secjuice.com/enterprise-powershell-protection-logging/
Was neues um an EDR vorbeizukommen – ScareCrow
ScareCrow is a payload creation framework for generating loaders for the use of side loading (not injection) into a legitimate Windows process (bypassing Application Whitelisting controls). https://github.com/optiv/ScareCrow
Das OWASP DevSecOps Maturity Model: Secure the Pipelines!
Schöne Darstellung des Matrix DevSecOps Maturity Model: https://dsomm.timo-pagel.de/
Eine Roadmap wie man in das Thema (Ethical) Hacking einsteigen kann…
This repository is an overview of what you need to learn penetration testing and a collection of hacking tools, resources and references to practice ethical hacking. Most of the tools are UNIX compatible, free and open source. https://github.com/sundowndev/hacker-roadmap
Die größte Referenzliste an Listen zu Cyber Security Themen
Attacking & Securing Active Directory Table of Contents https://rmusser.net/docs/Active_Directory.html
Top 16 Active Directory Vulnerabilities
Most organizations and business around the world today use Active Directory in their infrastructure as central management solution for managing their resources. But as any other similar technology, Active Directory is very complex and securing it requires significant effort and years of experience.
Purchased Microsoft 365 E5, Now What?
The Microsoft 365 E5 suite is essentially a large amount of the products Microsoft offers for the Enterprise environment, more so focused towards the security and compliance areas.
Awesome Penetration Testing
Penetration testing is the practice of launching authorized, simulated attacks against computer systems and their physical infrastructure to expose potential security weaknesses and vulnerabilities. Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕).
Securing Active Directory: Performing an Active Directory Security Review
During the , Sean Metcalf covered a number of Active Directory (AD) components and areas that should be reviewed for potential security issues.
Ein altbewährter Standard in neuem Gewand
Der OWASP Application Security Verification Standard (ASVS), eben in Version 4.0.2 erschienen, beantwortet die folgenden Fragen: 1. ) Wie sieht eine sichere Anwendung aus? 2.) Wie teste ich eine Anwendung? 3.) An was können sich meine Entwickler halten? (er liefert neben funktionalen v.a. auch nicht-funktionale Requirements) Er ist mMn die beste weil aktuellste Guideline im…