{"id":399,"date":"2014-10-29T21:10:53","date_gmt":"2014-10-30T01:10:53","guid":{"rendered":"http:\/\/adsecurity.org\/?page_id=399"},"modified":"2018-10-10T00:25:56","modified_gmt":"2018-10-10T04:25:56","slug":"security-resources","status":"publish","type":"page","link":"https:\/\/adsecurity.org\/?page_id=399","title":{"rendered":"Security Resources"},"content":{"rendered":"<p>This page is a reference with security documents, posts, videos and presentations I find useful for staying up to date on current security issues and exploits.<br \/>\n<em>Last Updated: May 2016<\/em><\/p>\n<p><strong><em>Note that this page isn&#8217;t actively updated. Visit the <a href=\"https:\/\/adsecurity.org\/?page_id=4031\">Attack, <\/a><a href=\"https:\/\/adsecurity.org\/?page_id=4031\">Defense<\/a><a href=\"https:\/\/adsecurity.org\/?page_id=4031\">, &amp;\u00a0<\/a><a href=\"https:\/\/adsecurity.org\/?page_id=4031\">Detection<\/a><a href=\"https:\/\/adsecurity.org\/?page_id=4031\">\u00a0page<\/a> for updated content.<\/em><\/strong><\/p>\n<p>&nbsp;<\/p>\n<h4>Microsoft Enterprise &amp; Active Directory Security Documents (&amp; Blog Posts):<\/h4>\n<ul>\n<li><a href=\"http:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=38785\">Best Practices for Securing Active Directory<\/a> (Microsoft IT) Published April 2013. (Microsoft Word document download) .<\/li>\n<li><a href=\"http:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=36036\">Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft, Version 1 and 2<\/a>\u00a0(Microsoft)\u00a0 (PDF document download).<\/li>\n<li><a href=\"http:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=21678\">Best Practices for Delegating Active Directory Administration<\/a> (Microsoft) Published November 2003. (Microsoft Word document download) .<\/li>\n<li><a href=\"http:\/\/www.microsoft.com\/en-us\/download\/confirmation.aspx?id=16849\">Active Directory Domain Controller Operations Guide<\/a> (Microsoft) Published September 2008. (Microsoft Word document download).<\/li>\n<li><a href=\"http:\/\/blogs.technet.com\/b\/lrobins\/archive\/2011\/06\/23\/quot-admin-free-quot-active-directory-and-windows-part-1-understanding-privileged-groups-in-ad.aspx\">&#8220;Admin Free&#8221; Active Directory and Windows, Part 1- Understanding Privileged Groups in AD<\/a> (Blog post by Laura Robinson)<\/li>\n<li><a href=\"http:\/\/blogs.technet.com\/b\/lrobins\/archive\/2011\/06\/23\/quot-admin-free-quot-active-directory-part-2-protected-accounts-and-groups-in-active-directory.aspx\">&#8220;Admin Free&#8221; Active Directory and Windows, Part 2- Protected Accounts and Groups in Active Directory<\/a><a href=\"http:\/\/technet.microsoft.com\/en-us\/library\/dn408187.aspx\"> (Blog post by Laura Robinson)<\/a><\/li>\n<li><a href=\"http:\/\/technet.microsoft.com\/en-us\/library\/dn408187.aspx\">LSA (LSASS) Protection Option in Windows 8.1 &amp; Windows Server 2012 R2<\/a> (technical article)<\/li>\n<li><a href=\"https:\/\/technet.microsoft.com\/en-us\/solutionaccelerators\/cc835245\">Microsoft Security Compliance Manager (SCM)<\/a> &#8211; Build configuration files and GPOs with Microsoft recommended enterprise security recommended settings based on Microsoft security guidelines.<\/li>\n<li><a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=46899\">Microsoft Local Administrator Password Solution (LAPS)<\/a> for randomizing local Administrator account password on all enterprise computers.<\/li>\n<li><a href=\"https:\/\/technet.microsoft.com\/en-us\/library\/mt631194.aspx\">Securing Privileged Access<\/a> &#8211; protecting administrative credentials with a &#8220;Privileged Access Workstation&#8221; to mitigate Pass-the-Hash (PTH).\n<ul>\n<li><a href=\"https:\/\/technet.microsoft.com\/en-us\/library\/mt634654.aspx\">Privileged Access Workstations<\/a> &#8211; Privileged Access Workstations (PAWs) provide a dedicated operating system for sensitive tasks that is protected from Internet attacks and threat vectors. Separating these sensitive tasks and accounts from the daily use workstations and devices provides very strong protection from phishing attacks, application and OS vulnerabilities, various impersonation attacks, and credential theft attacks such as keystroke logging, <a href=\"https:\/\/www.microsoft.com\/en-us\/download\/details.aspx?id=36036\">Pass-the-Hash<\/a>, and <a href=\"https:\/\/download.microsoft.com\/download\/7\/7\/A\/77ABC5BD-8320-41AF-863C-6ECFB10CB4B9\/Mitigating%20Pass-the-Hash%20%28PtH%29%20Attacks%20and%20Other%20Credential%20Theft%20Techniques_English.pdf\">Pass-The-Ticket<\/a>.<\/li>\n<li><a href=\"https:\/\/technet.microsoft.com\/en-us\/library\/mt631193.aspx\">Securing Privileged Access Reference Material <\/a>&#8211; covers the administrative tiers and admin forest concept.<\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/technet.microsoft.com\/en-us\/security\/jj653751\">Microsoft Enhanced Mitigation Experience Toolkit (EMET)<\/a> &#8211; EMET helps prevent application vulnerabilities from being exploited (including some 0-days). It&#8217;s a free product that effectively &#8220;wraps&#8221; popular applications so when vulnerability exploitation is attempted, the attempt is stopped at the &#8220;wrapper&#8221; and doesn&#8217;t make it to the OS.<\/li>\n<li><a href=\"https:\/\/technet.microsoft.com\/en-us\/library\/dd723686%28v=ws.10%29.aspx\">Microsoft AppLocker<\/a> &#8211; AppLocker can be used to limit application execution to specific approved applications. There are several difference phases I recommend for AppLocker:\n<ul>\n<li>Phase 1: Audit Mode &#8211; audit all execution by users and the path they were run from. This logging mode provides information on what programs are run in the enterprise and this data is logged to the event log.<\/li>\n<li>Phase 2: &#8220;Blacklist Mode&#8221; &#8211; Configure AppLocker to block execution of any file in a user&#8217;s home directory, profile path, and temporary file location the user has write access to, such as c:\\temp.<\/li>\n<li>Phase 3: &#8220;Folder Whitelist Mode&#8221; &#8211; Configure AppLocker to build on Phase 2 by adding new rules to only allow execution of files in specific folders such as c:\\Windows and c:\\Program Files.<\/li>\n<li>Phase 4: \u201cApplication Whitelisting\u201d \u2013 Inventory all applications in use in the enterprise environment and whitelist those applications by path and\/or file hash (preferably digital signature). This ensures that only approved organization applications will execute.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><em>NOTE: <a href=\"http:\/\/subt0x10.blogspot.com\/2015\/11\/your-whitelisting-application-has-no.html\">Application whitelisting is not a panacea<\/a> and is a journey &#8211; it takes time to build a secure enterprise and every defensive layer helps, though each layer on its own may not be enough to stop an attack.<\/em><\/p>\n<p>&nbsp;<\/p>\n<p>Raphael Mudge (@armitagehacker) has great resources (and videos) describing red team actions and is extremely helpful in understanding how attackers compromise an environment. While much of the content is specific to Cobalt Strike, it&#8217;s a treasure trove of red team information. Highly recommended!<br \/>\n<a href=\"http:\/\/blog.cobaltstrike.com\/2015\/09\/30\/advanced-threat-tactics-course-and-notes\/\">http:\/\/blog.cobaltstrike.com\/2015\/09\/30\/advanced-threat-tactics-course-and-notes\/ <\/a><\/p>\n<p>&nbsp;<\/p>\n<h4>ADSecurity.org Active Directory Security Posts:<\/h4>\n<ul>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1684\">The Most Common Active Directory Security Issues and What You Can Do to Fix Them<\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=2362\">Attack Methods for Gaining Domain Admin Rights in Active Directory<\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=2398\">How Attackers Dump Active Directory Database Credentials<\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=2293\">Cracking Kerberos TGS Tickets Using Kerberoast \u2013 Exploiting Kerberos to Compromise the Active Directory Domain<\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=2288\">Finding Passwords in SYSVOL &amp; Exploiting Group Policy Preferences<\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?tag=ms14068\">MS14-068 Vulnerability, Exploitation, and Exploit Detection <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1929\">Sneaky Active Directory Persistence Tricks <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=227\">Kerberos, Active Directory\u2019s Secret Decoder Ring <\/a><\/li>\n<li>K<a href=\"https:\/\/adsecurity.org\/?p=483\">erberos &amp; KRBTGT: Active Directory\u2019s Domain Kerberos Service Account <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1640\">Golden Tickets are Now More Golden<\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=2011\">How Attackers Use Kerberos Silver Tickets to Exploit Systems<\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1790\">Microsoft Local Administrator Password Solution (LAPS) <\/a><\/li>\n<li><strong><a href=\"https:\/\/adsecurity.org\/?page_id=1821\">Mimikatz Guide and Command Reference<\/a><\/strong><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1729\">Mimikatz DCSync Usage, Exploitation, and Detection <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=2053\">Dump Clear-Text Passwords for All Admins in the Domain Using Mimikatz DCSync <\/a><\/li>\n<li>G<a href=\"https:\/\/adsecurity.org\/?p=1681\">reat Active Directory Attack &amp; Defense Resources <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1667\">Active Directory Security Risk #101: Kerberos Unconstrained Delegation <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1588\">It\u2019s All About Trust \u2013 Forging Kerberos Trust Tickets to Spoof Access across Active Directory Trusts <\/a><\/li>\n<li>\u00a0<a href=\"https:\/\/adsecurity.org\/?p=1535\">Windows 10 Microsoft Passport (aka Microsoft Next Generation Credential) In Detail <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1515\"> Detecting Forged Kerberos Ticket (Golden Ticket &amp; Silver Ticket) Use in Active Directory <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1508\">SPN Scanning \u2013 Service Discovery without Network Port Scanning <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=230\">Active Directory Pentest Recon Part 1: SPN Scanning aka Mining Kerberos Service Principal Names <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1255\">Active Directory Domain Controller Skeleton Key Malware &amp; Mimikatz <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1275\">Attackers Can Now Use Mimikatz to Implant Skeleton Key on Domain Controllers &amp; BackDoor Your Active Directory Forest <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1232\">PowerShell Security: Execution Policy is Not An Effective Security Strategy \u2013 How to Bypass the PowerShell Execution Policy <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1001\">Interesting Windows Computer &amp; Active Directory Well-Known Security Identifiers (SIDs)<\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=384\">Using Group Policy Preferences for Password Management = Bad Idea <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=63\">Group Policy Preferences Password Vulnerability Now Patched <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=559\">Microsoft KB2871997: Back-Porting Windows 8.1\/Win2012R2 Enhanced Security &amp; Pass The Hash Mitigation to Windows 7, Windows 8, &amp; Windows 2008R2\u00a0<\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=464\">The Ultimate Movie Hacking Tool &#8211; Command Shell at Windows Logon Screen (via &#8220;StickyKeys&#8221;)<\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=429\">PowerShell for Pentesters <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=342\">Black Hat USA 2014 Presentation: Investigating PowerShell Attacks <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=425\">Active Directory Domain Trusts &amp; Trust Password Management <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=274\">Read-Only Domain Controller (RODC) Information <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=280\">Machine Account (AD Computer Object) Password Updates <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=113\">PowerShell: Using Active Directory .Net methods in PowerShell Part 1\u00a0 <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=192\">PowerShell: Using Active Directory .Net methods in PowerShell Part 2 <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?tag=microsoftemet\">Posts on Microsoft Enhanced Mitigation Experience Toolkit (EMET) 5 &amp; Protection Methods <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=267\">Active Directory 2012 DCPromo <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=81\">PowerShell Code: Get &amp; Set Active Directory Tombstone Lifetime and Active Directory Delete &amp; Recycle Operations <\/a><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3>Sean Metcalf&#8217;s (ADSecurity.org) Active Directory Security Presentations<\/h3>\n<ul>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1738\">DerbyCon V (2015): Red vs. Blue: Modern Active Directory Attacks &amp; Defense Talk Detail <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1632\">DEF CON 23 (2015) Red vs Blue: Modern Active Directory Attacks &amp; Defense Talk Detail <\/a><\/li>\n<li><a href=\"https:\/\/adsecurity.org\/?p=1612\">Black Hat USA 2015 Red vs Blue Active Directory Attack &amp; Defense Talk Detail <\/a><\/li>\n<\/ul>\n<h3><\/h3>\n<h3>Other Great Enterprise &amp; AD Security Resources<\/h3>\n<ul>\n<li><a href=\"https:\/\/community.rapid7.com\/community\/infosec\/blog\/2014\/09\/16\/mitigating-service-account-credential-theft\">Mitigating Service Account Credential Theft <\/a>(Rapid 7) Published September 2014.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3>Microsoft Ignite 2015 Security Sessions<\/h3>\n<p><strong>Windows Security Sessions:<\/strong><\/p>\n<p>How to Protect Your Corporate Resources from Advanced Attacks (Microsoft Advanced Threat Analytics, formerly Aorato)<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK3870\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK3870<\/a><br \/>\nDemi Albuz, Michael Dubinsky, Benny Lakunishok, Idan Plotnik<br \/>\n<a href=\"http:\/\/video.ch9.ms\/sessions\/ignite\/2015\/decks\/BRK3870_Albuz.pptx\">Slides<\/a> (<a href=\"http:\/\/view.officeapps.live.com\/op\/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK3870_Albuz.pptx\">view online<\/a>)<\/p>\n<p>How You Can Hack-Proof Your Clients and Servers in a Day<br \/>\nHasain Alshakarti, Marcus Murray<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2346\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2346<\/a><\/p>\n<p>Hacker Tools for Ethical Hackers to Protect Windows Clients<br \/>\nRaymond Comvalius, Erdal Ozkaya<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2332\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2332<br \/>\n<\/a><a href=\"http:\/\/video.ch9.ms\/sessions\/ignite\/2015\/decks\/BRK2332_Ozkaya.pptx\">Slides<\/a> (<a href=\"http:\/\/view.officeapps.live.com\/op\/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2332_Ozkaya.pptx\">view online<\/a>)<\/p>\n<p>Detecting the Undetectable<br \/>\nRoger Grimes<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2344\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2344<br \/>\n<\/a><a href=\"http:\/\/video.ch9.ms\/sessions\/ignite\/2015\/decks\/BRK2344_Grimes.pptx\">Slides<\/a> (<a href=\"http:\/\/view.officeapps.live.com\/op\/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2344_Grimes.pptx\">view online<\/a>)<\/p>\n<p>Adventures in Underland: What Your System Stores on the Disk without Telling You<br \/>\nPaula Januszkiewicz<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK3320\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK3320<\/a><\/p>\n<p>Hidden Talents: Things Administrators Never Expect from Their Users Regarding Security<br \/>\nPaula Januszkiewicz<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK3323\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK3323<\/a><\/p>\n<p>The Ultimate Hardening Guide: What to Do to Make Hackers Pick Someone Else<br \/>\nPaula Januszkiewicz<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK3343\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK3343<\/a><\/p>\n<p>Black Belt Security with Windows 10<br \/>\nSami Laiho<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK3336\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK3336<\/a><\/p>\n<p>Zero Admins \u2013 Zero Problems<br \/>\nSami Laiho<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2335\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2335<\/a><br \/>\n<a href=\"http:\/\/video.ch9.ms\/sessions\/ignite\/2015\/decks\/BRK2335_Laiho.pptx\">Slides<\/a> (<a href=\"http:\/\/view.officeapps.live.com\/op\/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2335_Laiho.pptx\">view online<\/a>)<\/p>\n<p>Barbarians Inside the Gates: Protecting against Credential Theft and Pass the Hash Today<br \/>\nAaron Margosis, Mark Simos<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2334\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2334<br \/>\n<\/a><a href=\"http:\/\/video.ch9.ms\/sessions\/ignite\/2015\/decks\/BRK2334_Margosis.pptx\">Slides<\/a> (<a href=\"http:\/\/view.officeapps.live.com\/op\/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2334_Margosis.pptx\">view online<\/a>)<\/p>\n<p>Advanced Windows Defense<br \/>\nErdal Ozkaya<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2311\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2311<\/a><br \/>\n<a href=\"http:\/\/video.ch9.ms\/sessions\/ignite\/2015\/decks\/BRK2311_Ozkaya.pptx\">Slides<\/a> (<a href=\"http:\/\/view.officeapps.live.com\/op\/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2311_Ozkaya.pptx\">view online<\/a>)<\/p>\n<p>Zombies in Social Networks<br \/>\nErdal Ozkaya<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2315\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2315<br \/>\n<\/a><a href=\"http:\/\/video.ch9.ms\/sessions\/ignite\/2015\/decks\/BRK2315_Ozkaya.pptx\">Slides<\/a> (<a href=\"http:\/\/view.officeapps.live.com\/op\/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2315_Ozkaya.pptx\">view online<\/a>)<\/p>\n<p>Modern Hardening: Lessons Learned on Hardening Applications and Services<br \/>\nShawn Rabourn, Mark Simos<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK3486\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK3486<\/a><\/p>\n<p>&nbsp;<\/p>\n<p><strong>Windows 10 Security Sessions:<\/strong><br \/>\nDropping the Hammer Down on Malware Threats with Windows 10\u2019s Device Guard<br \/>\nScott Anderson, Jeffrey Sutherland<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2336\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2336<\/a><br \/>\n<a class=\"slides\" href=\"http:\/\/video.ch9.ms\/sessions\/ignite\/2015\/decks\/BRK2336_Sutherland.pptx\">Slides<\/a> (<a href=\"http:\/\/view.officeapps.live.com\/op\/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2336_Sutherland.pptx\">view online<\/a>)<\/p>\n<p>The End Game for Passwords and Credential Theft?<br \/>\nNelly Porter<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2333\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2333<\/a><br \/>\n<a class=\"slides\" href=\"http:\/\/video.ch9.ms\/sessions\/ignite\/2015\/decks\/BRK2333_Porter.pptx\">Slides<\/a> (<a href=\"http:\/\/view.officeapps.live.com\/op\/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2333_Porter.pptx\">view online<\/a>)<\/p>\n<p>Overview of Windows 10 for Enterprises<br \/>\nJeremy Chapman, Dustin Ingalls<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/THR0342\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/THR0342<\/a><\/p>\n<p>Windows 10: Disrupting the Revolution of Cyber-Threats with Revolutionary Security!<br \/>\nChris Hallum, Dustin Ingalls<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2306\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2306<br \/>\n<\/a><a href=\"http:\/\/video.ch9.ms\/sessions\/ignite\/2015\/decks\/BRK2306_Hallum.pptx\">Slides<\/a> (<a href=\"http:\/\/view.officeapps.live.com\/op\/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2306_Hallum.pptx\">view online<\/a>)<\/p>\n<p>A New Era of Threat Resistance for the Windows 10 Platform<br \/>\nChris Hallum, Dustin Ingalls<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2325\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2325<br \/>\n<\/a><a href=\"http:\/\/video.ch9.ms\/sessions\/ignite\/2015\/decks\/BRK2325_Hallum.pptx\">Slides<\/a> (<a href=\"http:\/\/view.officeapps.live.com\/op\/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2325_Hallum.pptx\">view online<\/a>)<\/p>\n<p>Next Generation Malware Detection with Windows Defender<br \/>\nDustin Ingalls, Deepak Manohar<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2327\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK2327<\/a><br \/>\n<a class=\"slides\" href=\"http:\/\/video.ch9.ms\/sessions\/ignite\/2015\/decks\/BRK2327_Manohar.pptx\">Slides<\/a> (<a href=\"http:\/\/view.officeapps.live.com\/op\/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2327_Manohar.pptx\">view online<\/a>)<\/p>\n<p><strong>Misc:<\/strong><\/p>\n<p>Sysinternals Primer: Ignite 2015 Edition<br \/>\nAaron Margosis<br \/>\n<a href=\"https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK3337\">https:\/\/channel9.msdn.com\/Events\/Ignite\/2015\/BRK3337<br \/>\n<\/a><\/p>\n<h3>Active Directory Security Presentations (<a href=\"https:\/\/www.youtube.com\/playlist?list=PLStO1VqVBvmHev5qaNDl78oSzuHcXDDsk\">DerbyCon 2014 Videos<\/a>):<\/h3>\n<ul>\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=sTU-70dD-Ok&amp;list=PLStO1VqVBvmHev5qaNDl78oSzuHcXDDsk&amp;index=6\">Abusing Active Directory in Post Exploitation &#8211; Carlos Perez <\/a><\/li>\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=RIRQQCM4wz8&amp;list=PLStO1VqVBvmHev5qaNDl78oSzuHcXDDsk&amp;index=10\">Et tu Kerberos &#8211; Christopher Campbell <\/a><\/li>\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=uccM2xtE5SA&amp;list=PLStO1VqVBvmHev5qaNDl78oSzuHcXDDsk&amp;index=65\">Active Directory Real Defense for Domain Admins &#8211; Jason Lang<\/a><\/li>\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=PUyhlN-E5MU&amp;index=59&amp;list=PLStO1VqVBvmHev5qaNDl78oSzuHcXDDsk\">Attacking Microsoft Kerberos Kicking the Guard Dog of Hades &#8211; Tim Medin<\/a><\/li>\n<li><a href=\"http:\/\/www.scriptjunkie.us\/2013\/09\/the-infosec-revival-derbycon-2013\/\">DerbyCon 2013: The InfoSec Revival &#8211; Scriptjunkie<br \/>\n<\/a><\/li>\n<\/ul>\n<h3>\u00a0Active Directory Security Presentations (<a href=\"https:\/\/www.youtube.com\/playlist?list=UUbbgnifxfH-nqx6z9XQ963Q\">Black Hat USA 2014 Videos<\/a>):<\/h3>\n<ul>\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=-IMrNGPZTl0&amp;index=4&amp;list=UUbbgnifxfH-nqx6z9XQ963Q\">Abusing Microsoft Kerberos Sorry You Guys Don&#8217;t Get It \u00a0(aka the Mimikatz Golden Ticket Presentation) &#8211; Skip Duckwall &amp; Benjamin Delpy<\/a><\/li>\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=Z0eRS5JVxXs&amp;index=57&amp;list=UUbbgnifxfH-nqx6z9XQ963Q\">Forensics Investigating: PowerShell Attacks &#8211; Ryan Kazanciyan<\/a> &amp; <a href=\"http:\/\/www.fireeye.com\/resources\/pdfs\/fireeye-lazanciyan-investigating-powershell-attacks.pdf\">Whitepaper (PDF download)<\/a><\/li>\n<\/ul>\n<h3>Active Directory Security Presentations (<a href=\"http:\/\/channel9.msdn.com\/Events\/TechEd\/NorthAmerica\/2014\">TechEd USA 2014 Videos &amp; Presentation files<\/a>):<\/h3>\n<ul>\n<li>TWC: <a href=\"http:\/\/channel9.msdn.com\/Events\/TechEd\/NorthAmerica\/2014\/DCIM-B359\">Pass-the-Hash: How Attackers Spread and How to Stop Them<\/a><br \/>\nDate: May 13, 2014 from 1:30PM to 2:45PM<br \/>\nDCIM-B359<br \/>\nSpeakers: Nathan Ide, Mark Russinovich<br \/>\n<a href=\"http:\/\/video.ch9.ms\/sessions\/teched\/na\/2014\/DCIM-B359-mobile.mp4\">Download Mp4<\/a><br \/>\n<a href=\"http:\/\/video.ch9.ms\/sessions\/teched\/na\/2014\/DCIM-B359.pptx\">PPTX Slides<\/a><\/li>\n<li>TWC: <a href=\"http:\/\/channel9.msdn.com\/Events\/TechEd\/NorthAmerica\/2014\/DCIM-B213\">Pass-the-Hash and Credential Theft Mitigation Architectures<\/a><br \/>\nDate: May 14, 2014 from 1:30PM to 2:45PM<br \/>\nDCIM-B213<br \/>\nSpeakers: Nicholas DiCola, Mark Simos<br \/>\n<a href=\"http:\/\/video.ch9.ms\/sessions\/teched\/na\/2014\/DCIM-B213-mobile.mp4\">Download Mp4<\/a><br \/>\n<a href=\"http:\/\/video.ch9.ms\/sessions\/teched\/na\/2014\/DCIM-B213.pptx\"> PPTX Slides<\/a><\/li>\n<\/ul>\n<h3>\u00a0Pass-the-Hash &amp; Kerberos Attack Resources:<\/h3>\n<ul>\n<li><a href=\"http:\/\/www.slideshare.net\/gentilkiwi\/bluehat-2014realitybites\">BlueHat 2014 Slides: Reality Bites: The Attacker&#8217;s View of Windows Authentication and Post-exploitation &#8211; Chris Campbell, Benjamin Delpy, &amp; Skip Duckwall<\/a><\/li>\n<li><a href=\"https:\/\/media.blackhat.com\/us-13\/US-13-Duckwall-Pass-the-Hash-WP.pdf\">BlackHat USA 2013 Slides: Microsoft&#8217;s Credential Problem &#8211; Skip Duckwall &amp; Chris Campbell<\/a><\/li>\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=-IMrNGPZTl0&amp;index=4&amp;list=UUbbgnifxfH-nqx6z9XQ963Q\">Abusing Kerberos (aka the Mimikatz Golden Ticket Presentation) BlackHat USA 2014 Presentation Video &#8211; Skip Duckwall &amp; Benjamin Delpy<\/a><\/li>\n<li><a href=\"http:\/\/passing-the-hash.blogspot.com\/2014\/08\/mimikatz-and-golden-tickets-whats-bfd.html\">Mimikatz and Golden Tickets&#8230; What&#8217;s the BFD? BlackHat USA 2014 Redux part 1 <\/a><\/li>\n<li><a href=\"http:\/\/passing-the-hash.blogspot.com\/2014\/03\/dontgetpth.html\">Why We Don&#8217;t Get It and Why We Shouldn&#8217;t (blog post)<\/a><\/li>\n<li><a href=\"http:\/\/passing-the-hash.blogspot.com\/2014\/03\/guest-post-lets-talk-about-pass-hash-by.html\">Let&#8217;s talk about Pass-the-Hash<\/a> (blog post)<\/li>\n<li><a href=\"http:\/\/cert.europa.eu\/static\/WhitePapers\/CERT-EU-SWP_14_07_PassTheGolden_Ticket_v1_1.pdf\">Pass The Golden Ticket Protection from Kerberos &#8211; Golden Ticket Mitigating pass the ticket on Active Directory<\/a> (CERT EU Whitepaper)<\/li>\n<li><a href=\"https:\/\/www.nsa.gov\/ia\/_files\/app\/Reducing_the_Effectiveness_of_Pass-the-Hash.pdf\">NSA whitepaper: Reducing the Effectiveness of Pass-the-Hash <\/a>(published November 2013)<\/li>\n<li><a href=\"http:\/\/www.rsaconference.com\/writable\/presentations\/file_upload\/hta-w03-pass-the-hash-how-attackers-spread-and-how-to-stop-them.pdf\">RSA Conference 2014 Video: Pass-the-Hash: How Attackers Spread and How to Stop Them (Mark Russinovich &amp; Nathan Ide)<\/a><\/li>\n<\/ul>\n<h3>General Hacking Videos:<\/h3>\n<p><a href=\"http:\/\/blog.cobaltstrike.com\/2015\/09\/30\/advanced-threat-tactics-course-and-notes\/\">Advanced Threat Tactics Course and Notes\u00a0 &#8211; Great coverage of attack methodology and tactics.<\/a><\/p>\n<h4>Hacking History:<\/h4>\n<ul>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/30\">History Of Hacking Part 1 <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/31\">History Of Hacking Part 2 <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/32\">History Of Hacking Part 3 <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/33\">History Of Hacking Part 4 <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/34\">History Of Hacking Part 5 <\/a> \u00a0 (SecurityTube)<\/li>\n<\/ul>\n<h4>Networking:<\/h4>\n<ul>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/63\">Packet Sniffing Using Wireshark <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1756\">Wireless Lan Security Megaprimer Part 1: Getting Started <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1757\">Wireless Lan Security Megaprimer Part 2: Bands, Channels And Sniffing <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1761\">Wireless Lan Security Megaprimer Part 3: Pwning Beacon Frames <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1763\">Wireless Lan Security Megaprimer Part 4: Dissecting Ap-Client Connections <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1773\">Wireless Lan Security Megaprimer Part 6: Pwning Hidden Ssids <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1776\">Wireless Lan Security Megaprimer Part 8: Hacking Wlan Authentication <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1779\">Wireless Lan Security Megaprimer Part 9: Hotspot Attacks <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1781\">Wireless Lan Security Megaprimer Part 11:Alfa Card Kung-Fu <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1782\">Wireless Lan Security Megaprimer Part 12: Man-In-The-Middle Attack <\/a> \u00a0 (SecurityTube)<\/li>\n<li>\n<div class=\"title\"><a href=\"http:\/\/www.securitytube.net\/video\/1921\">Wlan Security Megaprimer Part 26: Cracking Wpa\/Wpa2-Psk With Just The Client<\/a> \u00a0 (SecurityTube)<\/div>\n<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/613\">Cracking Wep And Breaking Into The Wireless Router <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/152\">Cracking Wpa Psk With Aircrackng <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/2661\">Cracking Wifi Wpa\/Wps Easily Using Reaver 1.1 <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/775\">Router Hacking Part 1 (The Basics) <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/776\">Router Hacking Part 2 (Service Enumeration, Fingerprinting And Default Accounts) <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/777\">Router Hacking Part 3 (Bruteforcing And Dictionary Attacks With Hydra)<\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/778\">Router Hacking Part 4 (Snmp Attacks Using Snmpcheck) <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/782\">Router Hacking Part 6 (Dictionary Attack Using Metasploit On Snmp) <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/4999\">Bypass Hotspot Login Page For Accessing Internet <\/a> \u00a0 (SecurityTube)<\/li>\n<\/ul>\n<h4>MetaSploit:<\/h4>\n<ul>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1175\">Metasploit Megaprimer (Exploitation Basics And Need For Metasploit) Part 1<\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1176\">Metasploit Megaprimer (Getting Started With Metasploit) Part 2 <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1181\">Metasploit Megaprimer Part 3 (Meterpreter Basics And Using Stdapi) <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/836\">Metasploit Meterpreter Reverse Tcp Basics <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1123\">Hacking Through The Windows Firewall Using Metasploit <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/2556\">Metasploit Framework Expert Part 1 (Exploitation Basics) <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/2563\">Metasploit Framework Expert Part 2 ( Why Metasploit?) <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/2564\">Metasploit Framework Expert Part 3 ( Meterpreter Basics ) <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/2601\">Metasploit Framework Expert ( Armitage ) <\/a> \u00a0 (SecurityTube)<\/li>\n<\/ul>\n<h4>Services:<\/h4>\n<ul>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/2\">Dns Zone Transfer Using Dig<\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/152\">Ssl Man-IN-The-Middle (MITM) Attack Over Wireless <\/a> \u00a0 (SecurityTube)<\/li>\n<li>\n<div class=\"title\"><a href=\"http:\/\/www.securitytube.net\/video\/157\">Defeating Ssl Using Sslstrip (Marlinspike Blackhat)<\/a> \u00a0 (SecurityTube)<\/div>\n<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/269\">Sql Injection On Steroids With Sqlmap <\/a> \u00a0 (SecurityTube)<\/li>\n<\/ul>\n<h4>Programming:<\/h4>\n<ul>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/610\">Python Programming Language Lectures From MIT <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1142\">Offensive Python For Web Hackers (Blackhat) <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/3786\">Securitytube Python Scripting Expert (Spse) Course And Certification <\/a> \u00a0 (SecurityTube)<\/li>\n<\/ul>\n<h4>Wireshark:<\/h4>\n<ul>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/432\">Analyze A Bot Infected Host With Wireshark <\/a> \u00a0 (SecurityTube)<\/li>\n<\/ul>\n<h4>Other:<\/h4>\n<ul>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1220\">Scenario Based Hacking Part 1 (No Patches, No Av, Direct Access) <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1756\">Buffer Overflow Primer Part 1 (Smashing The Stack) <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/152\">Ten Cool Things You Did Not Know About Your Hard Drive <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/1389\">Exploit Research Megaprimer Part 1 Topic Introduction By Vivek <\/a> \u00a0 (SecurityTube)<\/li>\n<li><a href=\"http:\/\/www.securitytube.net\/video\/137\">How To Make Files Undetectable By Anti Virus <\/a> \u00a0 (SecurityTube)<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h3>Security (Hack) Tools:<\/h3>\n<ul>\n<li><a href=\"http:\/\/www.kali.org\/\">Kali Linux OS with integrated hacking tools<\/a><\/li>\n<li><a href=\"https:\/\/www.wireshark.org\/\">WireShark Packet Sniffing Tool<\/a><\/li>\n<li><a href=\"http:\/\/www.ntdsxtract.com\/\">NTDSXtract<\/a> &#8211; A framework for offline forensic analysis of NTDS.DIT<\/li>\n<li><a href=\"http:\/\/www.ampliasecurity.com\/research\/wcefaq.html\">Windows Credential Editor (WCE)<\/a><\/li>\n<li><a href=\"https:\/\/github.com\/gentilkiwi\/mimikatz\/releases\/tag\/2.0.0-alpha-20141010\">Mimikatz<\/a> &#8211; tool to extract password data from LSASS &amp; create silver and golden tickets<\/li>\n<li><a href=\"https:\/\/www.trustedsec.com\/social-engineer-toolkit\/\">The Social Engineer Toolkit (SE Toolkit)<\/a> [included in Kali]<\/li>\n<li><a href=\"http:\/\/www.metasploit.com\/\">MetaSploit <\/a>&#8211; pentesting tool [included in Kali]<\/li>\n<li><a href=\"http:\/\/nmap.org\/\">nmap<\/a> &#8211; best network scanning tool [included in Kali]<\/li>\n<li><a href=\"http:\/\/hashcat.net\/oclhashcat\/\">HashCat<\/a> &#8211; password cracker<\/li>\n<li><a href=\"http:\/\/www.fastandeasyhacking.com\/\">Armitage <\/a>&#8211; simple front end for Metasploit<\/li>\n<li><a href=\"https:\/\/code.google.com\/p\/wifite\/\">WiFite <\/a>&#8211; WiFi wireless cracking<\/li>\n<\/ul>\n<h3>Defense Tools:<\/h3>\n<ul>\n<li><a href=\"https:\/\/adsecurity.org\/?p=157\">Microsoft EMET<\/a><\/li>\n<li><a href=\"http:\/\/technet.microsoft.com\/en-us\/sysinternals\/dn798348.aspx%20\">Microsoft Sysmon Enhanced Event Logging<\/a><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p style=\"text-align: left;\">\u00a0<em><strong>General Disclaimer:<br \/>\nThis information is for educational purposes only. Using this information to attack systems you don&#8217;t own may result in law enforcement knocking down your door. Use your own lab for testing and don&#8217;t hack your neighbor or your workplace.<\/strong><\/em><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This page is a reference with security documents, posts, videos and presentations I find useful for staying up to date on current security issues and exploits. Last Updated: May 2016 Note that this page isn&#8217;t actively updated. Visit the Attack, Defense, &amp;\u00a0Detection\u00a0page for updated content. &nbsp; Microsoft Enterprise &amp; Active Directory Security Documents (&amp; Blog &hellip; <\/p>\n<p><a class=\"more-link btn\" href=\"https:\/\/adsecurity.org\/?page_id=399\">Continue reading<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"open","ping_status":"open","template":"","meta":{"footnotes":""},"class_list":["post-399","page","type-page","status-publish","hentry","nodate","item-wrap"],"_links":{"self":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/pages\/399","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=399"}],"version-history":[{"count":37,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/pages\/399\/revisions"}],"predecessor-version":[{"id":4053,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/pages\/399\/revisions\/4053"}],"wp:attachment":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=399"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}