«

4 comments

Skip to comment form

  1. Mitch Impey

    Hi Sean, I have benefited from your expertise for many years. Thanks very much !

  2. SS

    Is there a way to prevent authenticated folks who are not authorized from running these commands?

    1. Sean Metcalf

      Not built-in and working to get these blocked would be non-trivial. Not that this is the same type of data that authenticated users can gather via LDAP.
      Check out the PowerShell module “PowerView”: https://github.com/PowerShellMafia/PowerSploit/tree/master/Recon

    2. Joonas

      There is a way to prevent cmdlets or functions for PS remote session. Look at Securing Privileged Access document from Microsoft. From there look at Just enough admin and you find how to restrict PS usage

Comments have been disabled.