Severins kleine Cyber Seite

This document describes an overall enterprise access model that includes context of how a privileged access strategy fits in. For a roadmap on how to adopt a privileged access strategy, see the rapid modernization plan …

This tutorial aims to help you get PowerShell logs from your endpoints into your SIEM to protect you from modern PowerShell abuse. https://www.secjuice.com/enterprise-powershell-protection-logging/

ScareCrow is a payload creation framework for generating loaders for the use of side loading (not injection) into a legitimate Windows process (bypassing Application Whitelisting controls). https://github.com/optiv/ScareCrow

Schöne Darstellung des Matrix DevSecOps Maturity Model: https://dsomm.timo-pagel.de/

This repository is an overview of what you need to learn penetration testing and a collection of hacking tools, resources and references to practice ethical hacking. Most of the tools are UNIX compatible, free and …

Attacking & Securing Active Directory Table of Contents https://rmusser.net/docs/Active_Directory.html

Most organizations and business around the world today use Active Directory in their infrastructure as central management solution for managing their resources. But as any other similar technology, Active Directory is very complex and securing …

The Microsoft 365 E5 suite is essentially a large amount of the products Microsoft offers for the Enterprise environment, more so focused towards the security and compliance areas.

Penetration testing is the practice of launching authorized, simulated attacks against computer systems and their physical infrastructure to expose potential security weaknesses and vulnerabilities. Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕).

During the , Sean Metcalf covered a number of Active Directory (AD) components and areas that should be reviewed for potential security issues.