windows
Weird GPOs - Netlogon_AvoidPdcOnWan —
Weird Microsoft advice and how to abuse it for remote access sites
Windows Lab Resources —
I packaged some terraform scripts and made a s3 bucket public, to hopefully make someone elses live easier. Enjoy.
Being cheap with Github Actions —
Need Packer VMs? Like being cheap? Try wasting your time with this clickbait.
XSS in the trusted zone is drive-by RCE —
Seemingly everyone has forgotten how internet explorer works
SpecterOps training - VRO and Mac Tradecraft review —
Do SpecterOps training, it's good for you (and your team!)
AD - Account Lockout vs Disabled —
Disabling an account in AD isn't instant, but a lockout is.
Jumpboxes are not a mitigation for credential theft —
Advice no one reads from Microsoft, but probably should have. Jumpservers are Fake News(TM)
M$ - AlwaysOn VPN first thoughts —
AlwaysOn, initial thoughts and ideas
Shitty sysadmins - Applocker —
Applocker - 'May provide protection without being able to provide a robust defence'
Shitty sysadmins - MS14-025 —
findstr /S /I cpassword shouldn't give you domain admin in 2019