Want to annoy script kiddie hackers who rely on pressing buttons in Mimikatz? Then give this blog post about AD and Windows security basics! We’ll be going over some key techniques for safeguarding your network against common attack vectors, such as privileged account exposures, Pass-the-Ticket (PTT) attacks, and SID injection. We’ll also provide some powerful…
Defender, defender everywhere, That’s the story of Microsoft’s branding strategy theee days. I wasn’t the biggest fan of Intune being renamed the generic Endpoint Manager. I’m curious how many results get hidden on Google because pretty much everyone searches for *Intune* despite the rebranding years ago? It’s enough to give someone, like me who works…
I’ve been playing around with OpenAI’s ChatGPT bot and… this is going to be a really short blog post (just like my career). It actually **welp** did a pretty damn good job… Not perfect but scarily close. Impressive, right? But not perfect. To start off with, the solution the bot suggested isn’t AppLocker but rather App Protection….
I just wanted to write a short piece on: Credential Guard: Protect Windows from pass-the-hash and pass-the-ticket attacks. But then I started digging more into it and sort of fell down the rabbit hole. Basically I’m what you would call a blue teamer. And I love my role! Sure, I’ve tried my hand at capture-the-flag and…
Welcome to Part 2 of a planned four-part series! Part 1: Security Identifiers (SIDs) and Object Permissions in Windows Part 2: Security Identifiers (SIDs) and how to understand them (you’re reading this it now!) Part 3: Converting Azure Object IDs in Azure into Security Identifiers (SIDs) Part 4: Security Identifiers (SIDs) and User Rights Management In Part 1 we…
Welcome to Part 1 of a planned four-part series! Part 1: Security Identifiers (SIDs) and Object Permissions in Windows (you’re reading this it now!) Part 2: Security Identifiers (SIDs) and how to understand them Part 3: Converting Azure Object IDs in Azure into Security Identifiers (SIDs) Part 4: Security Identifiers (SIDs) and User Rights Management So on to Part…
We’re going over two things today. Kind of. On top of learning how to Ingest Policy Templates (ADMX) into Intune Force Installing Microsoft Defender Browser Protection on Google Chrome AND we’ll do that by building on what we learned in the GroupPolicy Administrative Templates (ADMX): What are they? How are they used? Andwhat if I need…
One of the best ways to manage Intune is by using the Microsoft Graph API. Microsoft Graph is a unified endpoint for accessing data and integrating with msot Microsoft cloud services, e.g. Intune. Using the Graph API, you can programmatically access and manipulate Intune data, making it easier to automate tasks and integrate Intune with…
…And analyzing GPO readiness for imports and migrations! …and For Those Who Wanna Learn to Do Other Stuff Good Too! This post is meant as both a stand-alone guide but also as a Part 2 for Running CIS Assessments for Hardening (grome.dev). Well, kind of. I could have sworn I’d already done a write-up on how to…
This post is pretty heavy on the on-premise/hybrid/Windows Server/Active Directory side of things; so if you’re new to that then I recommend you read: Group Policy Administrative Templates (ADMX): What are they? How are they used? And what if I need to update them? Ingesting Policy Templates (ADMX) into Intune And/Or if you’re new to…