Stay up to date on the latest tech trends, IT news, and cybersecurity threats with our educational blog.

Windows

DA 101 - Protecting your Domain Admin Account

At SynerComm's Fall IT Summit 2018 we presented a talk about the top 5 attacks used to compromise a Domain Administrator account. The AssureIT team put together a list of tools to help you check for these vulnerabilities in your network.

Learn More
Thoughts on Blocking Powershell.exe

Defenders do not view the world of infosec through the eyes of a determined, skilled attacker. They view the world through the quantity and quality of tickets generated by their SIEM (if they have one). It is true that a determined, skilled attackerĀ (read and understand that) can work around a correctly implemented PowerShell block. One such method is to drop an exe to disk call a dlls.

Learn More
Invoke-SMBAutoBrute.ps1 - Smart SMB Brute Forcing

One of my favorite post-ex metasploit modules is smb_login. It's great for running a quick test using credentials you've discovered. One of the problems with it is that there is nothing that prevents you from locking out accounts. Plus, you have to create user list which means dumping users | cut | sed | awk, blah blah blah.

Learn More
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram