I’m going to talk about one of the TOP-5 most important things that need to be checked in the Active Directory, Permission Delegation. This is quite overlooked security topic. However, it’s very important to understand how permissions are working in active directory. What are the paths for a potential attacker to compromise our environment and how we can defend ourselves from potential attack?
Read moreIt’s your friendly neighborhood Microsoft Security Advisor, back with more tricks to keep your network safe. Despite your best efforts to protect your data, unencrypted network protocols might still be used. We show you how to use IPsec and SMB protection to create a web of protection around your information.
Read moreToday we gonna be talking about Nmap Scripting Engine, NSE. Nmap itself is a very interesting tool and can give penetration testers huge amount of information about network and systems connected to it. Nmap Scripting Engine is a powerful tool on top of Nmap, which allows us to automate some things that Nmap is doing during scanning.
Read more
Let’s start with some theoretical background about public key role separation. An important step in designing and implementing our public infrastructure is that reminding the groups or users who will manage it, and here, I would like to point out that we should always use active director groups when we are talking about security managing certification authorities that are member of active director, because it is much easier from management perspective. This design step determines the security of your public infrastructure, so please don’t treat it lightly.
Read more
If I were to pick my favorite network protocol, RDP for sure would be one of my candidates. It is relatively safe and well-documented, which is kind of a surprise, and it’s working very well in terms of performance, even on poor connections. The definition of the protocol is quite long, as it contains over 400 pages, and, additionally, we have a couple of extensions.
Read more
We’re going to talk about Rubber Ducky. It’s a very neat piece of hardware. It looks like a USB drive but has nothing to do with it except of USB connectivity, of course. Rubber Ducky is nothing more than keyboard emulating the device. It’s recognized by computer as a regular keyboard, and it’s capable of sending over 1,000 words per minute. Imagine how much text you could put into document, typing on your computer!
Read more