Greetings, this website is committed to safeguarding Windows systems against potential hacking threats, streamlining deployment processes, and harnessing the power of PowerShell.
Here, I will demonstrate various hacking techniques and illustrate specific types of attacks in contrast to Windows' security measures. We'll explore how hackers exploit vulnerabilities resulting from misconfigurations, which could ultimately enable malicious actors to infiltrate and exploit these weaknesses. I strongly advise against using the knowledge shared on this site for any unethical or harmful purposes.
The first time I spent securing Windows was back in 2000 and it was an NT4 Server, "clamping" mainly consisted of removing access to named files. Ever since I've deployed secure or hardened versions of both client and server. When GPO's and Domains aren't available applying hardening is as much an art as it is about the configuration, the art of applying security via automated scripts without destroying Windows or the ability to apply configuration is the challenge that gets me out of bed.
As a fan of automation, there will be plenty of ConfigMgr, MDT and PowerShell for those inclined. Why point and click when it can be scripted.
Worried about misconfigurations of your clients and servers run this analysis script (here). It's fairly comprehensive checking for unquoted paths, folder and registry permission weakness, GPO settings and so much more with over 7000 lines of PowerShell.
#Links to Content
Scripts can be found on Github @ https://github.com/Tenaka.
#Attacker vs Defender Results
Reference and results table for the tests carried out so far, click on the links for details.
Contact me by submitting a message
Feel free to use the scripts and techniques but only after thoroughly testing and not for anything malicious. All the content on this site has been tested and should work as-is, the steps are I hope clear and concise, however, if there are any problems please email me using the form.
The material and information contained on this website are for general information purposes only. You should not rely upon the information on this website as a basis for making any changes to your Enterprise IT systems.