Kent Ickler

00419_11262019_WEBCAST_GroupPoliciesKillKillChains

Author, Blue Team, Informational, Jordan Drysdale, Kent Ickler, Webcasts Best Practices, CMD, Group Policies, honey accounts, Jordan Drysdale, Kent Ickler, Kerberos, LAPS, LLMNR, Local Admin Controls, Logging, PowerShell, SMB Message Signing, Sysmon

Webcast: Group Policies That Kill Kill Chains

On this webcast, we’ll guide you through an iterative process of building and deploying effective and practical Group Policy Objects (GPOs) that increase security posture. Slides for this webcast can […]

Read the entire post here

Author, Blue Team, Blue Team Tools, How-To, Informational, John Strand, Podcasts Attack Tactics, BHIS, Blue Team, Defenses, john strand, Jordan Drysdale, Kent Ickler, podcast

Podcast: Attack Tactics 6! Return of the Blue Team

Download slides: https://www.activecountermeasures.com/presentations In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5!!! Originally recorded […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

Author, Blue Team, How-To, Informational, John Strand, Webcasts Attack Tactics, Blue Team, canary tokens, cobalt strike, crackmapexec, Defenses, fixthefuture, honey accounts, john strand, Jordan Drysdale, Kent Ickler, LLMNR, MailSniper, RITA, ssh brute force

Webcast: Attack Tactics 6! Return of the Blue Team

Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_AttackTactics6ReturnofBlueTeam.pdf In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed […]

Read the entire post here

Author, C2, External/Internal, How-To, Informational, Jordan Drysdale, Kent Ickler, LLMNR, Password Cracking, Password Spray, Phishing, Recon, Red Team, Red Team Tools, Webcasts Attack Tactics, crackmapexec, Ethical Hacking, HTA, john strand, Jordan Drysdale, Kent Ickler, LLMNR, MailSniper, Password cracking, password spraying, pen-testing, phishing

Webcast: Attack Tactics 5 – Zero to Hero Attack

Timecode links take you to YouTube: 4:11 – Infrastructure & Background8:28 – Overview & Breakdown of Attack Methodology and Plans11:35 – Start of Attack (Gaining Access), Password Spraying Toolkit15:24 – […]

Read the entire post here

Author, Blue Team, How-To, Jordan Drysdale, Kent Ickler, Webcasts Active Directory, AD, AWS, Best Practices, Blue Team, Defender, Federation Services, Firewall, Group Policies, Groups, Infrastructure, Job Functional Roles, Jordan Drysdale, Jugular, Kent Ickler, LAPS, LLMNR, LSDOU, Naming Conventions, security, Sysmon, webcast, webcasts, whitelisting

Active Directory Best Practices to Frustrate Attackers: Webcast & Write-up

Kent Ickler & Jordan Drysdale // BHIS Webcast and Podcast This post accompanies BHIS’s webcast recorded on August 7, 2018, Active Directory Best Practices to Frustrate Attackers, which you can view below. […]

Read the entire post here

Author, Blue Team, How-To, Kent Ickler, Phishing Anti-Phising, Best Practices, Blue Team, DKIM, DMARC, Email, Filtering, Incident Response, IR, Kent Ickler, Marketing, phishing, reconnaissance, RFC 4408, Sender Policy Framework, Spam, SPF

Offensive SPF: How to Automate Anti-Phishing Reconnaissance Using Sender Policy Framework

Kent Ickler // TL;DR: This post describes the process of building an active system to automatically recon SPF violations. Disclaimer: There are parts of this build that might not be legal […]

Read the entire post here

Author, Blue Team, How-To, Kent Ickler Active Directory, AD, AD Best Practices, Best Practices, Kent Ickler, Link Layer Multicast Name Resolution, LLMNR, network

How To Disable LLMNR & Why You Want To

Kent Ickler // Link-Local Multicast Name Resolution (LLMNR) This one is a biggie, and you’ve probably heard Jordan, John, me, and all the others say it many many times. LLMNR […]

Read the entire post here

Blue Team, How-To, Phishing Best Practices, Blue Team, Derrick Rauch, DKIM, DMARC, Email, Filtering, Kent Ickler, Marketing, phishing, Sender Policy Framework, Spam, SPF

How to Configure SPFv1: Explained for the Masses

Kent Ickler and Derrick Rauch* // Sun Protection Factor Err… wait a second. Sender Policy Framework Ladies and Gentlemen of the class of 1997, Wear Sunscreen…I will dispense my advice, […]

Read the entire post here

00299_05102018_CrackOfficePasswordsWithDictionary

Author, External/Internal, How-To, Kent Ickler, Password Cracking AES, CeWL, decrypt, dictionary, encryption, Exce, Hashcat, John the Ripper, JTR, Kent Ickler, LinkedIn, microsoft office, Office, SHA, wordlist

How to Crack Office Passwords with a Dictionary

Kent Ickler// TLDR: We use a custom dictionary to crack Microsoft Office document encryption. Then we use a custom dictionary for pwnage in LinkedIn hash database. Background: I recently got […]

Read the entire post here

1 2 3