Adjusting Group Policy (Deny "Apply GPO") ACE's via PowerShell
01 Mar 2021
I think I’ll be able to use this again for other things, but the use case I needed to solve looked like this: A group policy to enforce some behaviour...
WDAC Notes
26 Jan 2021
The place to learn the most about Windows Defender Application Control (WDAC) the fastest is YouTube. Matt Graeber put together an amazing set of tutorials, and if you’re trying to...
Wireguard on Ubuntu
21 Dec 2020
Very quick post to remind me how to set up the Wireguard client for Ubuntu quickly: (Most of this is taken from the Algo project documentation) First, visit the downloads...
Windows 20H2 changes
14 Nov 2020
Comparison of Windows 10 2004 and Windows 10 20H2 installations that might assist others who need to check off some of these things in their pre-deployment security review. The details...
edgegdi.dll for persistence
10 Oct 2020
Overview There’s a .dll which just about every process on my Windows machine is interested in called edgegdi.dll. Unfortunately, the dll: edgegdi.dll isn’t there (or anywhere on the system). You’ll...
Quick and Simple WiFi Testing with besside-ng
07 Sep 2020
I’ve been using Bettercap for a while now, and I love it, but I saw a post on the weekend that reminded me the value in going back to look...
DLL Hijack for Cisco Anyconnect
23 Aug 2020
Note 1: the best place to learn a lot about dll hijacking is https://institute.sektor7.net; the main purpose of this post is to capture my notes while applying some of the...
Exploit Guard Mistakes
18 Jul 2020
This post details the mistakes I’ve made using and tuning Exploit Guard. They’re not meant to be interpreted as criticisms of the product; just things I wish I’d realized earlier...
Exploit Guard vs Process (DLL) Injection
01 Jul 2020
In the previous post we evaluated Exploit Guard controls against a simple buffer overflow vulnerability in a test application. We used Matt Graeber’s Exploit Guard documentation as a guide. As...
Vulnserver Exploit vs Windows Defender Exploit Guard
27 Jun 2020
I’ve taken notes for exploiting Stephen Bradshaw’s ‘vulnserver’ in a previous post. I saved those here. This post evaluates the protection Windows Defender Exploit Guard can offer a vulnerable application....