Clone of https://github.com/rmusser01/Infosec_Reference . For those who would prefer to not be tracked by MS.

Puppet

Chef

Salt

Mitigating Pass-the-Hash Attacks and other credential Theft-version2

  • Official MS paper.

Preventing the Exploitation of Structured Exception Handler (SEH) Overwrites with SEHOP

Second section: good resource for hardening Windows

Windows ISV Software Security Defenses

[Delta Copy](http://www.aboutmyip.com/AboutMyXApp/DeltaCopy.jsp)

  • In technical terms, DeltaCopy is a "Windows Friendly" wrapper around the Rsync program, currently maintained by Wayne Davison. "rsync" is primarily designed for Unix/Linux/BSD systems. Although ports are available for Windows, they typically require downloading Cygwin libraries and manual configuration.

The 10 Windows group policy settings you need to get right

Windows Performance Toolkit Reference

Harden windows IP Stack

GPO Best Policies

Understanding DEP as a mitigation Technology

Windows Firewall Hook Enumeration

  • We’re going to look in detail at Microsoft Windows Firewall Hook drivers from Windows 2000, XP and 2003. This functionality was leveraged by the Derusbi family of malicious code to implement port-knocking like functionality. We’re going to discuss the problem we faced, the required reverse engineering to understand how these hooks could be identified and finally how the enumeration tool was developed.

15 Ways to bypass Powershell execution-policy settings

  • Does what it says on the tin. Overall, it's clear that execution-policy was not meant as a security method. Or if it was, someone was drinking a bit too much.

http://www.grouppolicy.biz/2011/06/best-practices-group-policy-for-wsus/

https://media.blackhat.com/us-13/US-13-Duckwall-Pass-the-Hash-Slides.pdf

Protecting against Pass-The-Hash and other techniques

http://www.scriptjunkie.us/2013/06/fixing-pass-the-hash-and-other-problems/

Cached Domain Credentials

Mitigating Kerberos Golden Tickets: http://cert.europa.eu/static/WhitePapers/CERT-EU-SWP_14_07_PassTheGolden_Ticket_v1_1.pdf

https://sysforensics.org/2014/01/know-your-windows-processes.html

https://bettercrypto.org/static/applied-crypto-hardening.pdf