Tag Archive: Security


Resource materials:

AD Security:

https://adsecurity.org/?p=1684

https://digital-forensics.sans.org/blog/2013/06/20/overview-of-microsofts-best-practices-for-securing-active-directory

Mimikatz and Active Directory Kerberos Attacks:

https://adsecurity.org/?p=556

https://www.nsa.gov/ia/_files/app/Reducing_the_Effectiveness_of_Pass-the-Hash.pdf

https://www.nsa.gov/ia/_files/app/Spotting_the_Adversary_with_Windows_Event_Log_Monitoring.pdf

http://www.gentilkiwi.com/mimikatz ; http://blog.gentilkiwi.com/

Scripts:

https://github.com/iadgov/Pass-the-Hash-Guidance
https://github.com/iadgov/Event-Forwarding-Guidance

Domain lockdown: https://github.com/curi0usJack/activedirectory

Microsoft resources:

http://www.microsoft.com/pth

http://download.microsoft.com/download/7/7/A/77ABC5BD-8320-41AF-863C-6ECFB10CB4B9/Mitigating-Pass-the-Hash-Attacks-and-Other-Credential-Theft-Version-2.pdf

http://blogs.technet.com/b/security/archive/2014/07/08/new-strategies-and-features-to-help-organizations-better-protect-against-pass-the-hash-attacks.aspx

 

Pass the Hash – isolation technique:

[Image: passTheHash]

 


Hi,

Here is a list of web resources about penetration testing (pentest) techniques, forensics techniques, etc.:

Definitions: http://en.wikipedia.org/wiki/Penetration_test ; http://en.wikipedia.org/wiki/Computer_forensics

Tools and techniques:

Penetration toolkit for Windows: http://pentestlab.wordpress.com/2013/01/07/windows-tools-for-penetration-testing/

Penetration toolkit from Erdal Ozkaya: http://www.erdalozkaya.com/index.php/security/83-penetration-testing-framework-0-58

http://pentestlab.wordpress.com/

http://www.coresecurity.com

http://www.backtrack-linux.org/ ; http://fr.wikipedia.org/wiki/BackTrack ; http://backtrack-fr.net/

http://www.ampliasecurity.com (with the famous wce) ; http://oss.coresecurity.com/projects/pshtoolkit.html

http://sectools.org/

http://www.truesec.com

– guides:

http://www.bleepingcomputer.com/tutorials/have-i-been-hacked/

http://csrc.nist.gov/publications/nistpubs/800-115/SP800-115.pdf

http://www.us-cert.gov/reading_room/forensics.pdf

– library: http://ed-diamond.com/