Hi, this is Tenaka and this site is dedicated to preventing Hackers from compromising Windows, automating deployments and PowerShell.

I'll demo hacking techniques and explicit types of attack versus Windows security features. How hackers gain a foothold due to misconfigurations allowing the miscreant to pillage and plunder. Reframe from using the techniques detailed on this site to misbehave

 

The first time I spent securing Windows was back in 2000 and it was an NT4 Server, "clamping" mainly consisted of removing access to named files. Ever since I've deployed secure or hardened versions of both client and server. When GPO's and Domains aren't available applying hardening is as much an art as it is about the configuration, the art of applying security via automated scripts without destroying Windows or the ability to apply configuration is the challenge that gets me out of bed.

​As a fan of automation, there will be plenty of ConfigMgr, MDT and PowerShell for those inclined. Why point and click when it can be scripted.

#Vulnerability Report

Worried about misconfigurations of your clients and servers run this analysis script (here). It's fairly comprehensive checking for unquoted paths, folder and registry permission weakness, GPO settings and so much more with over 7000 lines of PowerShell.

#Links to Content

Scripts can be found on Github @ https://github.com/Tenaka.

Pentesting stuff can be found @ https://tenaka.gitbook.io/pentesting (this is under development).

#Attacker vs Defender Results

Reference and results table for the tests carried out so far, click on the links for details.

  • Facebook
  • Twitter

Contact me by submitting a message

Thanks for submitting!

Feel free to use the scripts and techniques but only after thoroughly testing and not for anything malicious. All the content on this site has been tested and should work as-is, the steps are I hope clear and concise, however, if there are any problems please email me using the form.

The material and information contained on this website are for general information purposes only. You should not rely upon the information on this website as a basis for making any changes to your Enterprise IT systems.