Webcast: Group Policies That Kill Kill Chains
On this webcast, we’ll guide you through an iterative process of building and deploying effective and practical Group Policy Objects (GPOs) that increase security posture. Slides for this webcast can […]
Best Practices
Active Directory Best Practices to Frustrate Attackers: Webcast & Write-up
Kent Ickler & Jordan Drysdale // BHIS Webcast and Podcast This post accompanies BHIS’s webcast recorded on August 7, 2018, Active Directory Best Practices to Frustrate Attackers, which you can view below. […]
Scout2 Usage: AWS Infrastructure Security Best Practices
Jordan Drysdale// Full disclosure and tl;dr: The NCC Group has developed an amazing toolkit for analyzing your AWS infrastructure against Amazon’s best practices guidelines. Start here: https://github.com/nccgroup/Scout2 Then, access your […]
Offensive SPF: How to Automate Anti-Phishing Reconnaissance Using Sender Policy Framework
Kent Ickler // TL;DR: This post describes the process of building an active system to automatically recon SPF violations. Disclaimer: There are parts of this build that might not be legal […]
How To Disable LLMNR & Why You Want To
Kent Ickler // Link-Local Multicast Name Resolution (LLMNR) This one is a biggie, and you’ve probably heard Jordan, John, me, and all the others say it many many times. LLMNR […]
How to Configure SPFv1: Explained for the Masses
Kent Ickler and Derrick Rauch* // Sun Protection Factor Err… wait a second. Sender Policy Framework Ladies and Gentlemen of the class of 1997, Wear Sunscreen…I will dispense my advice, […]