MSSQL auditing is configured separately from Windows auditing. To audit MSSQL you need to create…
BloodHound CE Setup
I’ve always had trouble getting BH running properly and finally decided to make a post…
UBI – User Browsing Isolation
This has been a big topic this year because of a major financial institution being…
Rolling KRBTGT Account
It is best practice to roll this account’s password every 180 days or immediately if…
SentinelOne: Why it’s important to monitor and audit your EPP
This is often an overlooked crucial step for endpoint protection software. Sometimes EPP can have…
Nessus False Positive
Plugin ID: 132101Windows Speculative Execution Configuration Check According to MS: KB4072698: Windows Server and Azure…
Uninstall Vulnerable Software Remotely
If you find a ton of boxes running vulnerable software that is no longer used…
ICMP Timestamp Request Remote Date Disclosure
You may have seen this vulnerability pop in Nessus. In order to remediate this we…
Disable mDNS
Issuing netstat and lsof commands to view UDP 5353 connections/listening ports shows that the avahi-daemon…
AD CS Vulnerabilities
If an attacker gets domain user level permissions they could use tools such as certipy-ad…