Author: Severin Winkler

It seems like many people on both sides of the fence, Red & Blue, aren’t familiar with most of Mimikatz’s capabilities, so I put together this information on all the available commands I could find. …

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. https://github.com/MobSF/Mobile-Security-Framework-MobSF

This post is an attempt to create an easy-to-use security model for the average internet user. Basically, how secure is someone’s current behavior with respect to passwords and authentication, and how can they improve? People …

This document describes an overall enterprise access model that includes context of how a privileged access strategy fits in. For a roadmap on how to adopt a privileged access strategy, see the rapid modernization plan …

This tutorial aims to help you get PowerShell logs from your endpoints into your SIEM to protect you from modern PowerShell abuse. https://www.secjuice.com/enterprise-powershell-protection-logging/

ScareCrow is a payload creation framework for generating loaders for the use of side loading (not injection) into a legitimate Windows process (bypassing Application Whitelisting controls). https://github.com/optiv/ScareCrow

Schöne Darstellung des Matrix DevSecOps Maturity Model: https://dsomm.timo-pagel.de/

This repository is an overview of what you need to learn penetration testing and a collection of hacking tools, resources and references to practice ethical hacking. Most of the tools are UNIX compatible, free and …

Attacking & Securing Active Directory Table of Contents https://rmusser.net/docs/Active_Directory.html

Most organizations and business around the world today use Active Directory in their infrastructure as central management solution for managing their resources. But as any other similar technology, Active Directory is very complex and securing …