Category: Gefundenes

This tutorial aims to help you get PowerShell logs from your endpoints into your SIEM to protect you from modern PowerShell abuse. https://www.secjuice.com/enterprise-powershell-protection-logging/

ScareCrow is a payload creation framework for generating loaders for the use of side loading (not injection) into a legitimate Windows process (bypassing Application Whitelisting controls). https://github.com/optiv/ScareCrow

Schöne Darstellung des Matrix DevSecOps Maturity Model: https://dsomm.timo-pagel.de/

This repository is an overview of what you need to learn penetration testing and a collection of hacking tools, resources and references to practice ethical hacking. Most of the tools are UNIX compatible, free and open source. https://github.com/sundowndev/hacker-roadmap

Attacking & Securing Active Directory Table of Contents https://rmusser.net/docs/Active_Directory.html

Most organizations and business around the world today use Active Directory in their infrastructure as central management solution for managing their resources. But as any other similar technology, Active Directory is very complex and securing it requires significant effort and years of experience.

The Microsoft 365 E5 suite is essentially a large amount of the products Microsoft offers for the Enterprise environment, more so focused towards the security and compliance areas.

Penetration testing is the practice of launching authorized, simulated attacks against computer systems and their physical infrastructure to expose potential security weaknesses and vulnerabilities. Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕).

During the , Sean Metcalf covered a number of Active Directory (AD) components and areas that should be reviewed for potential security issues.