CINXE.COM

<!DOCTYPE html>   <html lang="en-US" prefix="og: http://ogp.me/ns#">  <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <title>Security Resources – Active Directory Security</title> <meta name='robots' content='max-image-preview:large' /> <link rel="alternate" type="application/rss+xml" title="Active Directory Security » Feed" href="https://adsecurity.org/?feed=rss2" /> <link rel="alternate" type="application/rss+xml" title="Active Directory Security » Comments Feed" href="https://adsecurity.org/?feed=comments-rss2" /> <link rel="alternate" type="application/rss+xml" title="Active Directory Security » Security Resources Comments Feed" href="https://adsecurity.org/?feed=rss2&page_id=399" /> <script type="text/javascript"> /* <![CDATA[ */ window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/adsecurity.org\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.5.5"}}; /*! This file is auto-generated */ !function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data));return t.every(function(e,t){return e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!n(e,"\ud83d\udc26\u200d\u2b1b","\ud83d\udc26\u200b\u2b1b")}return!1}function f(e,t,n){var r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"});return void(a.onmessage=function(e){c(n=e.data),a.terminate(),t(n)})}catch(e){}c(n=f(s,u,p))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings); /* ]]> */ </script> <style id='wp-emoji-styles-inline-css' type='text/css'> img.wp-smiley, img.emoji { display: inline !important; border: none !important; box-shadow: none !important; height: 1em !important; width: 1em !important; margin: 0 0.07em !important; vertical-align: -0.1em !important; background: none !important; padding: 0 !important; } </style> <link rel='stylesheet' id='wp-block-library-css' href='https://adsecurity.org/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5' type='text/css' media='all' /> <style id='classic-theme-styles-inline-css' type='text/css'> /*! This file is auto-generated */ .wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none} </style> <style id='global-styles-inline-css' type='text/css'> body{--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 14px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 20px;--wp--preset--font-size--x-large: 42px;--wp--preset--font-size--tiny: 10px;--wp--preset--font-size--regular: 16px;--wp--preset--font-size--larger: 26px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flex{display: flex;}body .is-layout-flex{flex-wrap: wrap;align-items: center;}body .is-layout-flex > *{margin: 0;}body .is-layout-grid{display: grid;}body .is-layout-grid > *{margin: 0;}:where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) !important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;} .wp-block-navigation a:where(:not(.wp-element-button)){color: inherit;} :where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;} :where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;} .wp-block-pullquote{font-size: 1.5em;line-height: 1.6;} </style> <link rel='stylesheet' id='bootstrap-css' href='https://adsecurity.org/wp-content/themes/graphene/bootstrap/css/bootstrap.min.css?ver=6.5.5' type='text/css' media='all' /> <link rel='stylesheet' id='font-awesome-css' href='https://adsecurity.org/wp-content/themes/graphene/fonts/font-awesome/css/font-awesome.min.css?ver=6.5.5' type='text/css' media='all' /> <link rel='stylesheet' id='graphene-css' href='https://adsecurity.org/wp-content/themes/graphene/style.css?ver=2.8.4' type='text/css' media='screen' /> <link rel='stylesheet' id='graphene-responsive-css' href='https://adsecurity.org/wp-content/themes/graphene/responsive.css?ver=2.8.4' type='text/css' media='all' /> <link rel='stylesheet' id='graphene-blocks-css' href='https://adsecurity.org/wp-content/themes/graphene/blocks.css?ver=2.8.4' type='text/css' media='all' /> <style id='akismet-widget-style-inline-css' type='text/css'> .a-stats { --akismet-color-mid-green: #357b49; --akismet-color-white: #fff; --akismet-color-light-grey: #f6f7f7; max-width: 350px; width: auto; } .a-stats * { all: unset; box-sizing: border-box; } .a-stats strong { font-weight: 600; } .a-stats a.a-stats__link, .a-stats a.a-stats__link:visited, .a-stats a.a-stats__link:active { background: var(--akismet-color-mid-green); border: none; box-shadow: none; border-radius: 8px; color: var(--akismet-color-white); cursor: pointer; display: block; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', 'Roboto', 'Oxygen-Sans', 'Ubuntu', 'Cantarell', 'Helvetica Neue', sans-serif; font-weight: 500; padding: 12px; text-align: center; text-decoration: none; transition: all 0.2s ease; } /* Extra specificity to deal with TwentyTwentyOne focus style */ .widget .a-stats a.a-stats__link:focus { background: var(--akismet-color-mid-green); color: var(--akismet-color-white); text-decoration: none; } .a-stats a.a-stats__link:hover { filter: brightness(110%); box-shadow: 0 4px 12px rgba(0, 0, 0, 0.06), 0 0 2px rgba(0, 0, 0, 0.16); } .a-stats .count { color: var(--akismet-color-white); display: block; font-size: 1.5em; line-height: 1.4; padding: 0 13px; white-space: nowrap; } </style> <script type="text/javascript" src="https://adsecurity.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1" id="jquery-core-js"></script> <script type="text/javascript" src="https://adsecurity.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1" id="jquery-migrate-js"></script> <script defer type="text/javascript" src="https://adsecurity.org/wp-content/themes/graphene/bootstrap/js/bootstrap.min.js?ver=2.8.4" id="bootstrap-js"></script> <script defer type="text/javascript" src="https://adsecurity.org/wp-content/themes/graphene/js/bootstrap-hover-dropdown/bootstrap-hover-dropdown.min.js?ver=2.8.4" id="bootstrap-hover-dropdown-js"></script> <script defer type="text/javascript" src="https://adsecurity.org/wp-content/themes/graphene/js/bootstrap-submenu/bootstrap-submenu.min.js?ver=2.8.4" id="bootstrap-submenu-js"></script> <script defer type="text/javascript" src="https://adsecurity.org/wp-content/themes/graphene/js/jquery.infinitescroll.min.js?ver=2.8.4" id="infinite-scroll-js"></script> <script type="text/javascript" id="graphene-js-extra"> /* <![CDATA[ */ var grapheneJS = {"siteurl":"https:\/\/adsecurity.org","ajaxurl":"https:\/\/adsecurity.org\/wp-admin\/admin-ajax.php","templateUrl":"https:\/\/adsecurity.org\/wp-content\/themes\/graphene","isSingular":"1","enableStickyMenu":"","shouldShowComments":"1","commentsOrder":"newest","sliderDisable":"","sliderInterval":"7000","infScrollBtnLbl":"Load more","infScrollOn":"","infScrollCommentsOn":"","totalPosts":"1","postsPerPage":"10","isPageNavi":"","infScrollMsgText":"Fetching window.grapheneInfScrollItemsPerPage of window.grapheneInfScrollItemsLeft items left ...","infScrollMsgTextPlural":"Fetching window.grapheneInfScrollItemsPerPage of window.grapheneInfScrollItemsLeft items left ...","infScrollFinishedText":"All loaded!","commentsPerPage":"50","totalComments":"1","infScrollCommentsMsg":"Fetching window.grapheneInfScrollCommentsPerPage of window.grapheneInfScrollCommentsLeft comments left ...","infScrollCommentsMsgPlural":"Fetching window.grapheneInfScrollCommentsPerPage of window.grapheneInfScrollCommentsLeft comments left ...","infScrollCommentsFinishedMsg":"All comments loaded!","disableLiveSearch":"1","txtNoResult":"No result found.","isMasonry":""}; /* ]]> */ </script> <script defer type="text/javascript" src="https://adsecurity.org/wp-content/themes/graphene/js/graphene.js?ver=2.8.4" id="graphene-js"></script> <script type="text/javascript" id="wpstg-global-js-extra"> /* <![CDATA[ */ var wpstg = {"nonce":"bdb339c904"}; /* ]]> */ </script> <script type="text/javascript" src="https://adsecurity.org/wp-content/plugins/wp-staging-pro/assets/js/dist/wpstg-blank-loader.min.js?ver=6.5.5" id="wpstg-global-js"></script> <link rel="https://api.w.org/" href="https://adsecurity.org/index.php?rest_route=/" /><link rel="alternate" type="application/json" href="https://adsecurity.org/index.php?rest_route=/wp/v2/pages/399" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://adsecurity.org/xmlrpc.php?rsd" /> <meta name="generator" content="WordPress 6.5.5" /> <link rel="canonical" href="https://adsecurity.org/?page_id=399" /> <link rel='shortlink' href='https://adsecurity.org/?p=399' /> <link rel="alternate" type="application/json+oembed" href="https://adsecurity.org/index.php?rest_route=%2Foembed%2F1.0%2Fembed&url=https%3A%2F%2Fadsecurity.org%2F%3Fpage_id%3D399" /> <link rel="alternate" type="text/xml+oembed" href="https://adsecurity.org/index.php?rest_route=%2Foembed%2F1.0%2Fembed&url=https%3A%2F%2Fadsecurity.org%2F%3Fpage_id%3D399&format=xml" /> <script> WebFontConfig = { google: { families: ["Lato:400,400i,700,700i&display=swap"] } }; (function(d) { var wf = d.createElement('script'), s = d.scripts[0]; wf.src = 'https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js'; wf.async = true; s.parentNode.insertBefore(wf, s); })(document); </script> <style type="text/css"> .header_title, .header_title a, .header_title a:visited, .header_title a:hover, .header_desc {color:#000000}.carousel, .carousel .item{height:400px}@media (max-width: 991px) {.carousel, .carousel .item{height:250px}}#header{max-height:198px}@media (min-width: 1200px) {.container {width:1280px}} </style> <script type="application/ld+json">{"@context":"http:\/\/schema.org","@type":"WebPage","mainEntityOfPage":"https:\/\/adsecurity.org\/?page_id=399","publisher":{"@type":"Organization","name":"Active Directory Security"},"headline":"Security Resources","datePublished":"2014-10-29T21:10:53+00:00","dateModified":"2018-10-10T00:25:56+00:00","description":"This page is a reference with security documents, posts, videos and presentations I find useful for staying up to date on current security issues and exploits. Last Updated: May 2016 Note that this page isn't actively updated. Visit the Attack, Defense, &\u00a0Detection\u00a0page for updated content.   Microsoft Enterprise & Active Directory Security Documents (& Blog ...","author":{"@type":"Person","name":"Sean Metcalf"}}</script> <style type="text/css">.recentcomments a{display:inline !important;padding:0 !important;margin:0 !important;}</style><meta property="og:type" content="article" /> <meta property="og:title" content="Security Resources" /> <meta property="og:url" content="https://adsecurity.org/?page_id=399" /> <meta property="og:site_name" content="Active Directory Security" /> <meta property="og:description" content="This page is a reference with security documents, posts, videos and presentations I find useful for staying up to date on current security issues and exploits. Last Updated: May 2016 Note that this page isn't actively updated. Visit the Attack, Defense, & Detection page for updated content.   Microsoft Enterprise & Active Directory Security Documents (& Blog ..." /> <meta property="og:updated_time" content="2018-10-10T00:25:56+00:00" /> <meta property="article:modified_time" content="2018-10-10T00:25:56+00:00" /> <meta property="article:published_time" content="2014-10-29T21:10:53+00:00" /> </head> <body class="page-template-default page page-id-399 custom-background wp-embed-responsive layout-boxed two_col_left two-columns singular"> <div class="container boxed-wrapper"> <div id="top-bar" class="row clearfix top-bar "> <div class="col-md-12 top-bar-items"> <ul class="social-profiles"> <li class="social-profile social-profile-rss"> <a href="https://adsecurity.org/?feed=rss2" title="Subscribe to Tech, News, and Other Ideations's RSS feed" id="social-id-1" class="mysocial social-rss"> <i class="fa fa-rss"></i> </a> </li> </ul> <button type="button" class="search-toggle navbar-toggle collapsed" data-toggle="collapse" data-target="#top_search"> <span class="sr-only">Toggle search form</span> <i class="fa fa-search-plus"></i> </button> <div id="top_search" class="top-search-form"> <form class="searchform" method="get" action="https://adsecurity.org"> <div class="input-group"> <div class="form-group live-search-input"> <label for="s" class="screen-reader-text">Search for:</label> <input type="text" id="s" name="s" class="form-control" placeholder="Search"> </div> <span class="input-group-btn"> <button class="btn btn-default" type="submit"><i class="fa fa-search"></i></button> </span> </div> </form> </div> </div> </div> <div id="header" class="row"> <img src="https://adsecurity.org/wp-content/themes/graphene/images/headers/fluid.jpg" alt="Active Directory Security" title="Active Directory Security" width="960" height="198" /> </div> <nav class="navbar row navbar-inverse"> <div class="navbar-header align-center"> <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#header-menu-wrap, #secondary-menu-wrap"> <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <p class="header_title"> <a href="https://adsecurity.org" title="Go back to the front page"> Active Directory Security </a> </p> <p class="header_desc">Active Directory & Enterprise Security, Methods to Secure Active Directory, Attack Methods & Effective Defenses, PowerShell, Tech Notes, & Geek Trivia…</p> </div> <div class="collapse navbar-collapse" id="header-menu-wrap"> <ul class="nav navbar-nav flip"><li ><a href="https://adsecurity.org/">Home</a></li><li class="menu-item menu-item-8"><a href="https://adsecurity.org/?page_id=8" >About</a></li><li class="menu-item menu-item-41"><a href="https://adsecurity.org/?page_id=41" >AD Resources</a></li><li class="menu-item menu-item-4031"><a href="https://adsecurity.org/?page_id=4031" >Attack Defense & Detection</a></li><li class="menu-item menu-item-293"><a href="https://adsecurity.org/?page_id=293" >Contact</a></li><li class="menu-item menu-item-1821"><a href="https://adsecurity.org/?page_id=1821" >Mimikatz</a></li><li class="menu-item menu-item-1352"><a href="https://adsecurity.org/?page_id=1352" >Presentations</a></li><li class="menu-item menu-item-195"><a href="https://adsecurity.org/?page_id=195" >Schema Versions</a></li><li class="menu-item menu-item-399 current-menu-item"><a href="https://adsecurity.org/?page_id=399" >Security Resources</a></li><li class="menu-item menu-item-183"><a href="https://adsecurity.org/?page_id=183" >SPNs</a></li><li class="menu-item menu-item-2532"><a href="https://adsecurity.org/?page_id=2532" >Top Posts</a></li></ul> </div> </nav> <div id="content" class="clearfix hfeed row"> <div id="content-main" class="clearfix content-main col-md-8"> <div id="post-399" class="clearfix post post-399 page type-page status-publish hentry nodate item-wrap"> <div class="entry clearfix"> <h1 class="post-title entry-title"> Security Resources </h1> <div class="entry-content clearfix"> <p>This page is a reference with security documents, posts, videos and presentations I find useful for staying up to date on current security issues and exploits.<br /> <em>Last Updated: May 2016</em></p> <p><strong><em>Note that this page isn’t actively updated. Visit the <a href="https://adsecurity.org/?page_id=4031">Attack, </a><a href="https://adsecurity.org/?page_id=4031">Defense</a><a href="https://adsecurity.org/?page_id=4031">, & </a><a href="https://adsecurity.org/?page_id=4031">Detection</a><a href="https://adsecurity.org/?page_id=4031"> page</a> for updated content.</em></strong></p> <p> </p> <h4>Microsoft Enterprise & Active Directory Security Documents (& Blog Posts):</h4> <ul> <li><a href="http://www.microsoft.com/en-us/download/details.aspx?id=38785">Best Practices for Securing Active Directory</a> (Microsoft IT) Published April 2013. (Microsoft Word document download) .</li> <li><a href="http://www.microsoft.com/en-us/download/details.aspx?id=36036">Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft, Version 1 and 2</a> (Microsoft) (PDF document download).</li> <li><a href="http://www.microsoft.com/en-us/download/details.aspx?id=21678">Best Practices for Delegating Active Directory Administration</a> (Microsoft) Published November 2003. (Microsoft Word document download) .</li> <li><a href="http://www.microsoft.com/en-us/download/confirmation.aspx?id=16849">Active Directory Domain Controller Operations Guide</a> (Microsoft) Published September 2008. (Microsoft Word document download).</li> <li><a href="http://blogs.technet.com/b/lrobins/archive/2011/06/23/quot-admin-free-quot-active-directory-and-windows-part-1-understanding-privileged-groups-in-ad.aspx">“Admin Free” Active Directory and Windows, Part 1- Understanding Privileged Groups in AD</a> (Blog post by Laura Robinson)</li> <li><a href="http://blogs.technet.com/b/lrobins/archive/2011/06/23/quot-admin-free-quot-active-directory-part-2-protected-accounts-and-groups-in-active-directory.aspx">“Admin Free” Active Directory and Windows, Part 2- Protected Accounts and Groups in Active Directory</a><a href="http://technet.microsoft.com/en-us/library/dn408187.aspx"> (Blog post by Laura Robinson)</a></li> <li><a href="http://technet.microsoft.com/en-us/library/dn408187.aspx">LSA (LSASS) Protection Option in Windows 8.1 & Windows Server 2012 R2</a> (technical article)</li> <li><a href="https://technet.microsoft.com/en-us/solutionaccelerators/cc835245">Microsoft Security Compliance Manager (SCM)</a> – Build configuration files and GPOs with Microsoft recommended enterprise security recommended settings based on Microsoft security guidelines.</li> <li><a href="https://www.microsoft.com/en-us/download/details.aspx?id=46899">Microsoft Local Administrator Password Solution (LAPS)</a> for randomizing local Administrator account password on all enterprise computers.</li> <li><a href="https://technet.microsoft.com/en-us/library/mt631194.aspx">Securing Privileged Access</a> – protecting administrative credentials with a “Privileged Access Workstation” to mitigate Pass-the-Hash (PTH). <ul> <li><a href="https://technet.microsoft.com/en-us/library/mt634654.aspx">Privileged Access Workstations</a> – Privileged Access Workstations (PAWs) provide a dedicated operating system for sensitive tasks that is protected from Internet attacks and threat vectors. Separating these sensitive tasks and accounts from the daily use workstations and devices provides very strong protection from phishing attacks, application and OS vulnerabilities, various impersonation attacks, and credential theft attacks such as keystroke logging, <a href="https://www.microsoft.com/en-us/download/details.aspx?id=36036">Pass-the-Hash</a>, and <a href="https://download.microsoft.com/download/7/7/A/77ABC5BD-8320-41AF-863C-6ECFB10CB4B9/Mitigating%20Pass-the-Hash%20%28PtH%29%20Attacks%20and%20Other%20Credential%20Theft%20Techniques_English.pdf">Pass-The-Ticket</a>.</li> <li><a href="https://technet.microsoft.com/en-us/library/mt631193.aspx">Securing Privileged Access Reference Material </a>– covers the administrative tiers and admin forest concept.</li> </ul> </li> <li><a href="https://technet.microsoft.com/en-us/security/jj653751">Microsoft Enhanced Mitigation Experience Toolkit (EMET)</a> – EMET helps prevent application vulnerabilities from being exploited (including some 0-days). It’s a free product that effectively “wraps” popular applications so when vulnerability exploitation is attempted, the attempt is stopped at the “wrapper” and doesn’t make it to the OS.</li> <li><a href="https://technet.microsoft.com/en-us/library/dd723686%28v=ws.10%29.aspx">Microsoft AppLocker</a> – AppLocker can be used to limit application execution to specific approved applications. There are several difference phases I recommend for AppLocker: <ul> <li>Phase 1: Audit Mode – audit all execution by users and the path they were run from. This logging mode provides information on what programs are run in the enterprise and this data is logged to the event log.</li> <li>Phase 2: “Blacklist Mode” – Configure AppLocker to block execution of any file in a user’s home directory, profile path, and temporary file location the user has write access to, such as c:\temp.</li> <li>Phase 3: “Folder Whitelist Mode” – Configure AppLocker to build on Phase 2 by adding new rules to only allow execution of files in specific folders such as c:\Windows and c:\Program Files.</li> <li>Phase 4: “Application Whitelisting” – Inventory all applications in use in the enterprise environment and whitelist those applications by path and/or file hash (preferably digital signature). This ensures that only approved organization applications will execute.</li> </ul> </li> </ul> <p><em>NOTE: <a href="http://subt0x10.blogspot.com/2015/11/your-whitelisting-application-has-no.html">Application whitelisting is not a panacea</a> and is a journey – it takes time to build a secure enterprise and every defensive layer helps, though each layer on its own may not be enough to stop an attack.</em></p> <p> </p> <p>Raphael Mudge (@armitagehacker) has great resources (and videos) describing red team actions and is extremely helpful in understanding how attackers compromise an environment. While much of the content is specific to Cobalt Strike, it’s a treasure trove of red team information. Highly recommended!<br /> <a href="http://blog.cobaltstrike.com/2015/09/30/advanced-threat-tactics-course-and-notes/">http://blog.cobaltstrike.com/2015/09/30/advanced-threat-tactics-course-and-notes/ </a></p> <p> </p> <h4>ADSecurity.org Active Directory Security Posts:</h4> <ul> <li><a href="https://adsecurity.org/?p=1684">The Most Common Active Directory Security Issues and What You Can Do to Fix Them</a></li> <li><a href="https://adsecurity.org/?p=2362">Attack Methods for Gaining Domain Admin Rights in Active Directory</a></li> <li><a href="https://adsecurity.org/?p=2398">How Attackers Dump Active Directory Database Credentials</a></li> <li><a href="https://adsecurity.org/?p=2293">Cracking Kerberos TGS Tickets Using Kerberoast – Exploiting Kerberos to Compromise the Active Directory Domain</a></li> <li><a href="https://adsecurity.org/?p=2288">Finding Passwords in SYSVOL & Exploiting Group Policy Preferences</a></li> <li><a href="https://adsecurity.org/?tag=ms14068">MS14-068 Vulnerability, Exploitation, and Exploit Detection </a></li> <li><a href="https://adsecurity.org/?p=1929">Sneaky Active Directory Persistence Tricks </a></li> <li><a href="https://adsecurity.org/?p=227">Kerberos, Active Directory’s Secret Decoder Ring </a></li> <li>K<a href="https://adsecurity.org/?p=483">erberos & KRBTGT: Active Directory’s Domain Kerberos Service Account </a></li> <li><a href="https://adsecurity.org/?p=1640">Golden Tickets are Now More Golden</a></li> <li><a href="https://adsecurity.org/?p=2011">How Attackers Use Kerberos Silver Tickets to Exploit Systems</a></li> <li><a href="https://adsecurity.org/?p=1790">Microsoft Local Administrator Password Solution (LAPS) </a></li> <li><strong><a href="https://adsecurity.org/?page_id=1821">Mimikatz Guide and Command Reference</a></strong></li> <li><a href="https://adsecurity.org/?p=1729">Mimikatz DCSync Usage, Exploitation, and Detection </a></li> <li><a href="https://adsecurity.org/?p=2053">Dump Clear-Text Passwords for All Admins in the Domain Using Mimikatz DCSync </a></li> <li>G<a href="https://adsecurity.org/?p=1681">reat Active Directory Attack & Defense Resources </a></li> <li><a href="https://adsecurity.org/?p=1667">Active Directory Security Risk #101: Kerberos Unconstrained Delegation </a></li> <li><a href="https://adsecurity.org/?p=1588">It’s All About Trust – Forging Kerberos Trust Tickets to Spoof Access across Active Directory Trusts </a></li> <li> <a href="https://adsecurity.org/?p=1535">Windows 10 Microsoft Passport (aka Microsoft Next Generation Credential) In Detail </a></li> <li><a href="https://adsecurity.org/?p=1515"> Detecting Forged Kerberos Ticket (Golden Ticket & Silver Ticket) Use in Active Directory </a></li> <li><a href="https://adsecurity.org/?p=1508">SPN Scanning – Service Discovery without Network Port Scanning </a></li> <li><a href="https://adsecurity.org/?p=230">Active Directory Pentest Recon Part 1: SPN Scanning aka Mining Kerberos Service Principal Names </a></li> <li><a href="https://adsecurity.org/?p=1255">Active Directory Domain Controller Skeleton Key Malware & Mimikatz </a></li> <li><a href="https://adsecurity.org/?p=1275">Attackers Can Now Use Mimikatz to Implant Skeleton Key on Domain Controllers & BackDoor Your Active Directory Forest </a></li> <li><a href="https://adsecurity.org/?p=1232">PowerShell Security: Execution Policy is Not An Effective Security Strategy – How to Bypass the PowerShell Execution Policy </a></li> <li><a href="https://adsecurity.org/?p=1001">Interesting Windows Computer & Active Directory Well-Known Security Identifiers (SIDs)</a></li> <li><a href="https://adsecurity.org/?p=384">Using Group Policy Preferences for Password Management = Bad Idea </a></li> <li><a href="https://adsecurity.org/?p=63">Group Policy Preferences Password Vulnerability Now Patched </a></li> <li><a href="https://adsecurity.org/?p=559">Microsoft KB2871997: Back-Porting Windows 8.1/Win2012R2 Enhanced Security & Pass The Hash Mitigation to Windows 7, Windows 8, & Windows 2008R2 </a></li> <li><a href="https://adsecurity.org/?p=464">The Ultimate Movie Hacking Tool – Command Shell at Windows Logon Screen (via “StickyKeys”)</a></li> <li><a href="https://adsecurity.org/?p=429">PowerShell for Pentesters </a></li> <li><a href="https://adsecurity.org/?p=342">Black Hat USA 2014 Presentation: Investigating PowerShell Attacks </a></li> <li><a href="https://adsecurity.org/?p=425">Active Directory Domain Trusts & Trust Password Management </a></li> <li><a href="https://adsecurity.org/?p=274">Read-Only Domain Controller (RODC) Information </a></li> <li><a href="https://adsecurity.org/?p=280">Machine Account (AD Computer Object) Password Updates </a></li> <li><a href="https://adsecurity.org/?p=113">PowerShell: Using Active Directory .Net methods in PowerShell Part 1 </a></li> <li><a href="https://adsecurity.org/?p=192">PowerShell: Using Active Directory .Net methods in PowerShell Part 2 </a></li> <li><a href="https://adsecurity.org/?tag=microsoftemet">Posts on Microsoft Enhanced Mitigation Experience Toolkit (EMET) 5 & Protection Methods </a></li> <li><a href="https://adsecurity.org/?p=267">Active Directory 2012 DCPromo </a></li> <li><a href="https://adsecurity.org/?p=81">PowerShell Code: Get & Set Active Directory Tombstone Lifetime and Active Directory Delete & Recycle Operations </a></li> </ul> <p> </p> <h3>Sean Metcalf’s (ADSecurity.org) Active Directory Security Presentations</h3> <ul> <li><a href="https://adsecurity.org/?p=1738">DerbyCon V (2015): Red vs. Blue: Modern Active Directory Attacks & Defense Talk Detail </a></li> <li><a href="https://adsecurity.org/?p=1632">DEF CON 23 (2015) Red vs Blue: Modern Active Directory Attacks & Defense Talk Detail </a></li> <li><a href="https://adsecurity.org/?p=1612">Black Hat USA 2015 Red vs Blue Active Directory Attack & Defense Talk Detail </a></li> </ul> <h3></h3> <h3>Other Great Enterprise & AD Security Resources</h3> <ul> <li><a href="https://community.rapid7.com/community/infosec/blog/2014/09/16/mitigating-service-account-credential-theft">Mitigating Service Account Credential Theft </a>(Rapid 7) Published September 2014.</li> </ul> <p> </p> <h3>Microsoft Ignite 2015 Security Sessions</h3> <p><strong>Windows Security Sessions:</strong></p> <p>How to Protect Your Corporate Resources from Advanced Attacks (Microsoft Advanced Threat Analytics, formerly Aorato)<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK3870">https://channel9.msdn.com/Events/Ignite/2015/BRK3870</a><br /> Demi Albuz, Michael Dubinsky, Benny Lakunishok, Idan Plotnik<br /> <a href="http://video.ch9.ms/sessions/ignite/2015/decks/BRK3870_Albuz.pptx">Slides</a> (<a href="http://view.officeapps.live.com/op/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK3870_Albuz.pptx">view online</a>)</p> <p>How You Can Hack-Proof Your Clients and Servers in a Day<br /> Hasain Alshakarti, Marcus Murray<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK2346">https://channel9.msdn.com/Events/Ignite/2015/BRK2346</a></p> <p>Hacker Tools for Ethical Hackers to Protect Windows Clients<br /> Raymond Comvalius, Erdal Ozkaya<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK2332">https://channel9.msdn.com/Events/Ignite/2015/BRK2332<br /> </a><a href="http://video.ch9.ms/sessions/ignite/2015/decks/BRK2332_Ozkaya.pptx">Slides</a> (<a href="http://view.officeapps.live.com/op/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2332_Ozkaya.pptx">view online</a>)</p> <p>Detecting the Undetectable<br /> Roger Grimes<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK2344">https://channel9.msdn.com/Events/Ignite/2015/BRK2344<br /> </a><a href="http://video.ch9.ms/sessions/ignite/2015/decks/BRK2344_Grimes.pptx">Slides</a> (<a href="http://view.officeapps.live.com/op/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2344_Grimes.pptx">view online</a>)</p> <p>Adventures in Underland: What Your System Stores on the Disk without Telling You<br /> Paula Januszkiewicz<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK3320">https://channel9.msdn.com/Events/Ignite/2015/BRK3320</a></p> <p>Hidden Talents: Things Administrators Never Expect from Their Users Regarding Security<br /> Paula Januszkiewicz<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK3323">https://channel9.msdn.com/Events/Ignite/2015/BRK3323</a></p> <p>The Ultimate Hardening Guide: What to Do to Make Hackers Pick Someone Else<br /> Paula Januszkiewicz<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK3343">https://channel9.msdn.com/Events/Ignite/2015/BRK3343</a></p> <p>Black Belt Security with Windows 10<br /> Sami Laiho<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK3336">https://channel9.msdn.com/Events/Ignite/2015/BRK3336</a></p> <p>Zero Admins – Zero Problems<br /> Sami Laiho<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK2335">https://channel9.msdn.com/Events/Ignite/2015/BRK2335</a><br /> <a href="http://video.ch9.ms/sessions/ignite/2015/decks/BRK2335_Laiho.pptx">Slides</a> (<a href="http://view.officeapps.live.com/op/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2335_Laiho.pptx">view online</a>)</p> <p>Barbarians Inside the Gates: Protecting against Credential Theft and Pass the Hash Today<br /> Aaron Margosis, Mark Simos<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK2334">https://channel9.msdn.com/Events/Ignite/2015/BRK2334<br /> </a><a href="http://video.ch9.ms/sessions/ignite/2015/decks/BRK2334_Margosis.pptx">Slides</a> (<a href="http://view.officeapps.live.com/op/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2334_Margosis.pptx">view online</a>)</p> <p>Advanced Windows Defense<br /> Erdal Ozkaya<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK2311">https://channel9.msdn.com/Events/Ignite/2015/BRK2311</a><br /> <a href="http://video.ch9.ms/sessions/ignite/2015/decks/BRK2311_Ozkaya.pptx">Slides</a> (<a href="http://view.officeapps.live.com/op/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2311_Ozkaya.pptx">view online</a>)</p> <p>Zombies in Social Networks<br /> Erdal Ozkaya<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK2315">https://channel9.msdn.com/Events/Ignite/2015/BRK2315<br /> </a><a href="http://video.ch9.ms/sessions/ignite/2015/decks/BRK2315_Ozkaya.pptx">Slides</a> (<a href="http://view.officeapps.live.com/op/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2315_Ozkaya.pptx">view online</a>)</p> <p>Modern Hardening: Lessons Learned on Hardening Applications and Services<br /> Shawn Rabourn, Mark Simos<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK3486">https://channel9.msdn.com/Events/Ignite/2015/BRK3486</a></p> <p> </p> <p><strong>Windows 10 Security Sessions:</strong><br /> Dropping the Hammer Down on Malware Threats with Windows 10’s Device Guard<br /> Scott Anderson, Jeffrey Sutherland<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK2336">https://channel9.msdn.com/Events/Ignite/2015/BRK2336</a><br /> <a class="slides" href="http://video.ch9.ms/sessions/ignite/2015/decks/BRK2336_Sutherland.pptx">Slides</a> (<a href="http://view.officeapps.live.com/op/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2336_Sutherland.pptx">view online</a>)</p> <p>The End Game for Passwords and Credential Theft?<br /> Nelly Porter<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK2333">https://channel9.msdn.com/Events/Ignite/2015/BRK2333</a><br /> <a class="slides" href="http://video.ch9.ms/sessions/ignite/2015/decks/BRK2333_Porter.pptx">Slides</a> (<a href="http://view.officeapps.live.com/op/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2333_Porter.pptx">view online</a>)</p> <p>Overview of Windows 10 for Enterprises<br /> Jeremy Chapman, Dustin Ingalls<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/THR0342">https://channel9.msdn.com/Events/Ignite/2015/THR0342</a></p> <p>Windows 10: Disrupting the Revolution of Cyber-Threats with Revolutionary Security!<br /> Chris Hallum, Dustin Ingalls<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK2306">https://channel9.msdn.com/Events/Ignite/2015/BRK2306<br /> </a><a href="http://video.ch9.ms/sessions/ignite/2015/decks/BRK2306_Hallum.pptx">Slides</a> (<a href="http://view.officeapps.live.com/op/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2306_Hallum.pptx">view online</a>)</p> <p>A New Era of Threat Resistance for the Windows 10 Platform<br /> Chris Hallum, Dustin Ingalls<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK2325">https://channel9.msdn.com/Events/Ignite/2015/BRK2325<br /> </a><a href="http://video.ch9.ms/sessions/ignite/2015/decks/BRK2325_Hallum.pptx">Slides</a> (<a href="http://view.officeapps.live.com/op/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2325_Hallum.pptx">view online</a>)</p> <p>Next Generation Malware Detection with Windows Defender<br /> Dustin Ingalls, Deepak Manohar<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK2327">https://channel9.msdn.com/Events/Ignite/2015/BRK2327</a><br /> <a class="slides" href="http://video.ch9.ms/sessions/ignite/2015/decks/BRK2327_Manohar.pptx">Slides</a> (<a href="http://view.officeapps.live.com/op/view.aspx?src=http%3a%2f%2fvideo.ch9.ms%2fsessions%2fignite%2f2015%2fdecks%2fBRK2327_Manohar.pptx">view online</a>)</p> <p><strong>Misc:</strong></p> <p>Sysinternals Primer: Ignite 2015 Edition<br /> Aaron Margosis<br /> <a href="https://channel9.msdn.com/Events/Ignite/2015/BRK3337">https://channel9.msdn.com/Events/Ignite/2015/BRK3337<br /> </a></p> <h3>Active Directory Security Presentations (<a href="https://www.youtube.com/playlist?list=PLStO1VqVBvmHev5qaNDl78oSzuHcXDDsk">DerbyCon 2014 Videos</a>):</h3> <ul> <li><a href="https://www.youtube.com/watch?v=sTU-70dD-Ok&list=PLStO1VqVBvmHev5qaNDl78oSzuHcXDDsk&index=6">Abusing Active Directory in Post Exploitation – Carlos Perez </a></li> <li><a href="https://www.youtube.com/watch?v=RIRQQCM4wz8&list=PLStO1VqVBvmHev5qaNDl78oSzuHcXDDsk&index=10">Et tu Kerberos – Christopher Campbell </a></li> <li><a href="https://www.youtube.com/watch?v=uccM2xtE5SA&list=PLStO1VqVBvmHev5qaNDl78oSzuHcXDDsk&index=65">Active Directory Real Defense for Domain Admins – Jason Lang</a></li> <li><a href="https://www.youtube.com/watch?v=PUyhlN-E5MU&index=59&list=PLStO1VqVBvmHev5qaNDl78oSzuHcXDDsk">Attacking Microsoft Kerberos Kicking the Guard Dog of Hades – Tim Medin</a></li> <li><a href="http://www.scriptjunkie.us/2013/09/the-infosec-revival-derbycon-2013/">DerbyCon 2013: The InfoSec Revival – Scriptjunkie<br /> </a></li> </ul> <h3> Active Directory Security Presentations (<a href="https://www.youtube.com/playlist?list=UUbbgnifxfH-nqx6z9XQ963Q">Black Hat USA 2014 Videos</a>):</h3> <ul> <li><a href="https://www.youtube.com/watch?v=-IMrNGPZTl0&index=4&list=UUbbgnifxfH-nqx6z9XQ963Q">Abusing Microsoft Kerberos Sorry You Guys Don’t Get It (aka the Mimikatz Golden Ticket Presentation) – Skip Duckwall & Benjamin Delpy</a></li> <li><a href="https://www.youtube.com/watch?v=Z0eRS5JVxXs&index=57&list=UUbbgnifxfH-nqx6z9XQ963Q">Forensics Investigating: PowerShell Attacks – Ryan Kazanciyan</a> & <a href="http://www.fireeye.com/resources/pdfs/fireeye-lazanciyan-investigating-powershell-attacks.pdf">Whitepaper (PDF download)</a></li> </ul> <h3>Active Directory Security Presentations (<a href="http://channel9.msdn.com/Events/TechEd/NorthAmerica/2014">TechEd USA 2014 Videos & Presentation files</a>):</h3> <ul> <li>TWC: <a href="http://channel9.msdn.com/Events/TechEd/NorthAmerica/2014/DCIM-B359">Pass-the-Hash: How Attackers Spread and How to Stop Them</a><br /> Date: May 13, 2014 from 1:30PM to 2:45PM<br /> DCIM-B359<br /> Speakers: Nathan Ide, Mark Russinovich<br /> <a href="http://video.ch9.ms/sessions/teched/na/2014/DCIM-B359-mobile.mp4">Download Mp4</a><br /> <a href="http://video.ch9.ms/sessions/teched/na/2014/DCIM-B359.pptx">PPTX Slides</a></li> <li>TWC: <a href="http://channel9.msdn.com/Events/TechEd/NorthAmerica/2014/DCIM-B213">Pass-the-Hash and Credential Theft Mitigation Architectures</a><br /> Date: May 14, 2014 from 1:30PM to 2:45PM<br /> DCIM-B213<br /> Speakers: Nicholas DiCola, Mark Simos<br /> <a href="http://video.ch9.ms/sessions/teched/na/2014/DCIM-B213-mobile.mp4">Download Mp4</a><br /> <a href="http://video.ch9.ms/sessions/teched/na/2014/DCIM-B213.pptx"> PPTX Slides</a></li> </ul> <h3> Pass-the-Hash & Kerberos Attack Resources:</h3> <ul> <li><a href="http://www.slideshare.net/gentilkiwi/bluehat-2014realitybites">BlueHat 2014 Slides: Reality Bites: The Attacker’s View of Windows Authentication and Post-exploitation – Chris Campbell, Benjamin Delpy, & Skip Duckwall</a></li> <li><a href="https://media.blackhat.com/us-13/US-13-Duckwall-Pass-the-Hash-WP.pdf">BlackHat USA 2013 Slides: Microsoft’s Credential Problem – Skip Duckwall & Chris Campbell</a></li> <li><a href="https://www.youtube.com/watch?v=-IMrNGPZTl0&index=4&list=UUbbgnifxfH-nqx6z9XQ963Q">Abusing Kerberos (aka the Mimikatz Golden Ticket Presentation) BlackHat USA 2014 Presentation Video – Skip Duckwall & Benjamin Delpy</a></li> <li><a href="http://passing-the-hash.blogspot.com/2014/08/mimikatz-and-golden-tickets-whats-bfd.html">Mimikatz and Golden Tickets… What’s the BFD? BlackHat USA 2014 Redux part 1 </a></li> <li><a href="http://passing-the-hash.blogspot.com/2014/03/dontgetpth.html">Why We Don’t Get It and Why We Shouldn’t (blog post)</a></li> <li><a href="http://passing-the-hash.blogspot.com/2014/03/guest-post-lets-talk-about-pass-hash-by.html">Let’s talk about Pass-the-Hash</a> (blog post)</li> <li><a href="http://cert.europa.eu/static/WhitePapers/CERT-EU-SWP_14_07_PassTheGolden_Ticket_v1_1.pdf">Pass The Golden Ticket Protection from Kerberos – Golden Ticket Mitigating pass the ticket on Active Directory</a> (CERT EU Whitepaper)</li> <li><a href="https://www.nsa.gov/ia/_files/app/Reducing_the_Effectiveness_of_Pass-the-Hash.pdf">NSA whitepaper: Reducing the Effectiveness of Pass-the-Hash </a>(published November 2013)</li> <li><a href="http://www.rsaconference.com/writable/presentations/file_upload/hta-w03-pass-the-hash-how-attackers-spread-and-how-to-stop-them.pdf">RSA Conference 2014 Video: Pass-the-Hash: How Attackers Spread and How to Stop Them (Mark Russinovich & Nathan Ide)</a></li> </ul> <h3>General Hacking Videos:</h3> <p><a href="http://blog.cobaltstrike.com/2015/09/30/advanced-threat-tactics-course-and-notes/">Advanced Threat Tactics Course and Notes – Great coverage of attack methodology and tactics.</a></p> <h4>Hacking History:</h4> <ul> <li><a href="http://www.securitytube.net/video/30">History Of Hacking Part 1 </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/31">History Of Hacking Part 2 </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/32">History Of Hacking Part 3 </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/33">History Of Hacking Part 4 </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/34">History Of Hacking Part 5 </a> (SecurityTube)</li> </ul> <h4>Networking:</h4> <ul> <li><a href="http://www.securitytube.net/video/63">Packet Sniffing Using Wireshark </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1756">Wireless Lan Security Megaprimer Part 1: Getting Started </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1757">Wireless Lan Security Megaprimer Part 2: Bands, Channels And Sniffing </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1761">Wireless Lan Security Megaprimer Part 3: Pwning Beacon Frames </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1763">Wireless Lan Security Megaprimer Part 4: Dissecting Ap-Client Connections </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1773">Wireless Lan Security Megaprimer Part 6: Pwning Hidden Ssids </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1776">Wireless Lan Security Megaprimer Part 8: Hacking Wlan Authentication </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1779">Wireless Lan Security Megaprimer Part 9: Hotspot Attacks </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1781">Wireless Lan Security Megaprimer Part 11:Alfa Card Kung-Fu </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1782">Wireless Lan Security Megaprimer Part 12: Man-In-The-Middle Attack </a> (SecurityTube)</li> <li> <div class="title"><a href="http://www.securitytube.net/video/1921">Wlan Security Megaprimer Part 26: Cracking Wpa/Wpa2-Psk With Just The Client</a> (SecurityTube)</div> </li> <li><a href="http://www.securitytube.net/video/613">Cracking Wep And Breaking Into The Wireless Router </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/152">Cracking Wpa Psk With Aircrackng </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/2661">Cracking Wifi Wpa/Wps Easily Using Reaver 1.1 </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/775">Router Hacking Part 1 (The Basics) </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/776">Router Hacking Part 2 (Service Enumeration, Fingerprinting And Default Accounts) </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/777">Router Hacking Part 3 (Bruteforcing And Dictionary Attacks With Hydra)</a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/778">Router Hacking Part 4 (Snmp Attacks Using Snmpcheck) </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/782">Router Hacking Part 6 (Dictionary Attack Using Metasploit On Snmp) </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/4999">Bypass Hotspot Login Page For Accessing Internet </a> (SecurityTube)</li> </ul> <h4>MetaSploit:</h4> <ul> <li><a href="http://www.securitytube.net/video/1175">Metasploit Megaprimer (Exploitation Basics And Need For Metasploit) Part 1</a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1176">Metasploit Megaprimer (Getting Started With Metasploit) Part 2 </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1181">Metasploit Megaprimer Part 3 (Meterpreter Basics And Using Stdapi) </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/836">Metasploit Meterpreter Reverse Tcp Basics </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1123">Hacking Through The Windows Firewall Using Metasploit </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/2556">Metasploit Framework Expert Part 1 (Exploitation Basics) </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/2563">Metasploit Framework Expert Part 2 ( Why Metasploit?) </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/2564">Metasploit Framework Expert Part 3 ( Meterpreter Basics ) </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/2601">Metasploit Framework Expert ( Armitage ) </a> (SecurityTube)</li> </ul> <h4>Services:</h4> <ul> <li><a href="http://www.securitytube.net/video/2">Dns Zone Transfer Using Dig</a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/152">Ssl Man-IN-The-Middle (MITM) Attack Over Wireless </a> (SecurityTube)</li> <li> <div class="title"><a href="http://www.securitytube.net/video/157">Defeating Ssl Using Sslstrip (Marlinspike Blackhat)</a> (SecurityTube)</div> </li> <li><a href="http://www.securitytube.net/video/269">Sql Injection On Steroids With Sqlmap </a> (SecurityTube)</li> </ul> <h4>Programming:</h4> <ul> <li><a href="http://www.securitytube.net/video/610">Python Programming Language Lectures From MIT </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1142">Offensive Python For Web Hackers (Blackhat) </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/3786">Securitytube Python Scripting Expert (Spse) Course And Certification </a> (SecurityTube)</li> </ul> <h4>Wireshark:</h4> <ul> <li><a href="http://www.securitytube.net/video/432">Analyze A Bot Infected Host With Wireshark </a> (SecurityTube)</li> </ul> <h4>Other:</h4> <ul> <li><a href="http://www.securitytube.net/video/1220">Scenario Based Hacking Part 1 (No Patches, No Av, Direct Access) </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1756">Buffer Overflow Primer Part 1 (Smashing The Stack) </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/152">Ten Cool Things You Did Not Know About Your Hard Drive </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/1389">Exploit Research Megaprimer Part 1 Topic Introduction By Vivek </a> (SecurityTube)</li> <li><a href="http://www.securitytube.net/video/137">How To Make Files Undetectable By Anti Virus </a> (SecurityTube)</li> </ul> <p> </p> <h3>Security (Hack) Tools:</h3> <ul> <li><a href="http://www.kali.org/">Kali Linux OS with integrated hacking tools</a></li> <li><a href="https://www.wireshark.org/">WireShark Packet Sniffing Tool</a></li> <li><a href="http://www.ntdsxtract.com/">NTDSXtract</a> – A framework for offline forensic analysis of NTDS.DIT</li> <li><a href="http://www.ampliasecurity.com/research/wcefaq.html">Windows Credential Editor (WCE)</a></li> <li><a href="https://github.com/gentilkiwi/mimikatz/releases/tag/2.0.0-alpha-20141010">Mimikatz</a> – tool to extract password data from LSASS & create silver and golden tickets</li> <li><a href="https://www.trustedsec.com/social-engineer-toolkit/">The Social Engineer Toolkit (SE Toolkit)</a> [included in Kali]</li> <li><a href="http://www.metasploit.com/">MetaSploit </a>– pentesting tool [included in Kali]</li> <li><a href="http://nmap.org/">nmap</a> – best network scanning tool [included in Kali]</li> <li><a href="http://hashcat.net/oclhashcat/">HashCat</a> – password cracker</li> <li><a href="http://www.fastandeasyhacking.com/">Armitage </a>– simple front end for Metasploit</li> <li><a href="https://code.google.com/p/wifite/">WiFite </a>– WiFi wireless cracking</li> </ul> <h3>Defense Tools:</h3> <ul> <li><a href="https://adsecurity.org/?p=157">Microsoft EMET</a></li> <li><a href="http://technet.microsoft.com/en-us/sysinternals/dn798348.aspx%20">Microsoft Sysmon Enhanced Event Logging</a></li> </ul> <p> </p> <p style="text-align: left;"> <em><strong>General Disclaimer:<br /> This information is for educational purposes only. Using this information to attack systems you don’t own may result in law enforcement knocking down your door. Use your own lab for testing and don’t hack your neighbor or your workplace.</strong></em></p> <p> </p> <p> </p> <p> </p> <div class="tptn_counter" id="tptn_counter_399">(Visited 50,805 times, 7 visits today)</div> </div> </div> </div> <div id="comments" class="clearfix no-ping"> <h4 class="comments current"> <i class="fa fa-comments-o"></i> 1 comments </h4> <div class="comments-list-wrapper"> <ol class="clearfix comments-list" id="comments_list"> <li id="comment-12942" class="comment even thread-even depth-1 comment"> <div class="row"> <div class="comment-wrap col-md-12"> <ul class="comment-meta"> <li class="comment-avatar"><img alt='' src='https://secure.gravatar.com/avatar/b25639809a5a278f2744625b976f9315?s=50&d=mm&r=g' srcset='https://secure.gravatar.com/avatar/b25639809a5a278f2744625b976f9315?s=100&d=mm&r=g 2x' class='avatar avatar-50 photo' height='50' width='50' decoding='async'/></li> <li class="comment-attr"><span class="comment-author">Jack Perry</span> on <span class="comment-date">April 20, 2017 <span class="time">at 11:30 am</span></span></li> <li class="single-comment-link"><a href="https://adsecurity.org/?page_id=399#comment-12942">#</a></li> <li class="comment-reply"><a rel='nofollow' class='btn btn-xs comment-reply-link' href='https://adsecurity.org/?page_id=399&replytocom=12942#respond' data-commentid="12942" data-postid="399" data-belowelement="comment-12942" data-respondelement="respond" data-replyto="Reply to Jack Perry" aria-label='Reply to Jack Perry'>Reply</a></li> </ul> <div class="comment-entry"> <p>The link for Best Practices for Securing Active Directory is broken. I did a search, and found the following article. Haven’t had time to read it yet, but hopefully this is an updated version.</p> <p><a href="https://technet.microsoft.com/en-us/windows-server-docs/identity/ad-ds/plan/security-best-practices/best-practices-for-securing-active-directory" rel="nofollow ugc">https://technet.microsoft.com/en-us/windows-server-docs/identity/ad-ds/plan/security-best-practices/best-practices-for-securing-active-directory</a></p> </div> </div> </div> </li> </ol> </div> </div> <div id="comment-form-wrap" class="clearfix"> <div id="respond" class="comment-respond"> <h3 id="reply-title" class="comment-reply-title">Leave a Reply <small><a class="btn btn-sm" rel="nofollow" id="cancel-comment-reply-link" href="/?page_id=399#respond" style="display:none;">Cancel reply</a></small></h3><form action="https://adsecurity.org/wp-comments-post.php" method="post" id="commentform" class="comment-form"><p class="comment-notes">Your email address will not be published.</p><div class="form-group"> <label for="comment" class="sr-only"></label> <textarea name="comment" class="form-control" id="comment" cols="40" rows="10" aria-required="true" placeholder="Your message"></textarea> </div><div class="row"><div class="form-group col-sm-4"> <label for="author" class="sr-only"></label> <input type="text" class="form-control" aria-required="true" id="author" name="author" value="" placeholder="Name" /> </div> <div class="form-group col-sm-4"> <label for="email" class="sr-only"></label> <input type="text" class="form-control" aria-required="true" id="email" name="email" value="" placeholder="Email" /> </div> <div class="form-group col-sm-4"> <label for="url" class="sr-only"></label> <input type="text" class="form-control" id="url" name="url" value="" placeholder="Website (optional)" /> </div> </div><p class="form-submit"><input name="submit" type="submit" id="submit" class="submit btn" value="Submit Comment" /> <input type='hidden' name='comment_post_ID' value='399' id='comment_post_ID' /> <input type='hidden' name='comment_parent' id='comment_parent' value='0' /> </p><p style="display: none;"><input type="hidden" id="akismet_comment_nonce" name="akismet_comment_nonce" value="b5375bb5b8" /></p><p style="display: none !important;" class="akismet-fields-container" data-prefix="ak_"><label>Δ<textarea name="ak_hp_textarea" cols="45" rows="8" maxlength="100"></textarea></label><input type="hidden" id="ak_js_1" name="ak_js" value="151"/><script>document.getElementById( "ak_js_1" ).setAttribute( "value", ( new Date() ).getTime() );</script></p><div class="clear"></div></form> </div> <p class="akismet_comment_form_privacy_notice">This site uses Akismet to reduce spam. <a href="https://akismet.com/privacy/" target="_blank" rel="nofollow noopener">Learn how your comment data is processed.</a></p> </div> </div> <div id="sidebar1" class="sidebar sidebar-right widget-area col-md-4"> <div id="recent-posts-4" class="sidebar-wrap widget_recent_entries"> <h3>Recent Posts</h3> <ul> <li> <a href="https://adsecurity.org/?p=4436">BSides Dublin – The Current State of Microsoft Identity Security: Common Security Issues and Misconfigurations – Sean Metcalf</a> </li> <li> <a href="https://adsecurity.org/?p=4434">DEFCON 2017: Transcript – Hacking the Cloud</a> </li> <li> <a href="https://adsecurity.org/?p=4432">Detecting the Elusive: Active Directory Threat Hunting</a> </li> <li> <a href="https://adsecurity.org/?p=4430">Detecting Kerberoasting Activity</a> </li> <li> <a href="https://adsecurity.org/?p=4428">Detecting Password Spraying with Security Event Auditing</a> </li> </ul> </div><div id="text-3" class="sidebar-wrap widget_text"><h3>Trimarc Active Directory Security Services</h3> <div class="textwidget">Have concerns about your Active Directory environment? Trimarc helps enterprises improve their security posture. <p> <a href="http://trimarcsecurity.com/security-services">Find out how...</a> TrimarcSecurity.com</div> </div><div id="widget_tptn_pop-4" class="sidebar-wrap tptn_posts_list_widget"><h3>Popular Posts</h3><div class="tptn_posts tptn_posts_widget tptn_posts_widget4"><ul><li><span class="tptn_after_thumb"><a href="https://adsecurity.org/?p=478" class="tptn_link"><span class="tptn_title">PowerShell Encoding & Decoding (Base64)</span></a></span></li><li><span class="tptn_after_thumb"><a href="https://adsecurity.org/?p=2362" class="tptn_link"><span class="tptn_title">Attack Methods for Gaining Domain Admin Rights in…</span></a></span></li><li><span class="tptn_after_thumb"><a href="https://adsecurity.org/?p=483" class="tptn_link"><span class="tptn_title">Kerberos & KRBTGT: Active Directory’s…</span></a></span></li><li><span class="tptn_after_thumb"><a href="https://adsecurity.org/?p=2288" class="tptn_link"><span class="tptn_title">Finding Passwords in SYSVOL & Exploiting Group…</span></a></span></li><li><span class="tptn_after_thumb"><a href="https://adsecurity.org/?p=3377" class="tptn_link"><span class="tptn_title">Securing Domain Controllers to Improve Active…</span></a></span></li><li><span class="tptn_after_thumb"><a href="https://adsecurity.org/?p=3299" class="tptn_link"><span class="tptn_title">Securing Windows Workstations: Developing a Secure Baseline</span></a></span></li><li><span class="tptn_after_thumb"><a href="https://adsecurity.org/?p=3458" class="tptn_link"><span class="tptn_title">Detecting Kerberoasting Activity</span></a></span></li><li><span class="tptn_after_thumb"><a href="https://adsecurity.org/?p=1729" class="tptn_link"><span class="tptn_title">Mimikatz DCSync Usage, Exploitation, and Detection</span></a></span></li><li><span class="tptn_after_thumb"><a href="https://adsecurity.org/?p=3658" class="tptn_link"><span class="tptn_title">Scanning for Active Directory Privileges &…</span></a></span></li><li><span class="tptn_after_thumb"><a href="https://adsecurity.org/?p=3164" class="tptn_link"><span class="tptn_title">Microsoft LAPS Security & Active Directory LAPS…</span></a></span></li></ul><div class="tptn_clear"></div></div></div><div id="categories-4" class="sidebar-wrap widget_categories"><h3>Categories</h3> <ul> <li class="cat-item cat-item-565"><a href="https://adsecurity.org/?cat=565">ActiveDirectorySecurity</a> </li> <li class="cat-item cat-item-55"><a href="https://adsecurity.org/?cat=55">Apple Security</a> </li> <li class="cat-item cat-item-431"><a href="https://adsecurity.org/?cat=431">Cloud Security</a> </li> <li class="cat-item cat-item-17"><a href="https://adsecurity.org/?cat=17">Continuing Education</a> </li> <li class="cat-item cat-item-396"><a href="https://adsecurity.org/?cat=396">Entertainment</a> </li> <li class="cat-item cat-item-347"><a href="https://adsecurity.org/?cat=347">Exploit</a> </li> <li class="cat-item cat-item-1039"><a href="https://adsecurity.org/?cat=1039">Hacking</a> </li> <li class="cat-item cat-item-168"><a href="https://adsecurity.org/?cat=168">Hardware Security</a> </li> <li class="cat-item cat-item-172"><a href="https://adsecurity.org/?cat=172">Hypervisor Security</a> </li> <li class="cat-item cat-item-126"><a href="https://adsecurity.org/?cat=126">Linux/Unix Security</a> </li> <li class="cat-item cat-item-343"><a href="https://adsecurity.org/?cat=343">Malware</a> </li> <li class="cat-item cat-item-11"><a href="https://adsecurity.org/?cat=11">Microsoft Security</a> </li> <li class="cat-item cat-item-819"><a href="https://adsecurity.org/?cat=819">Mitigation</a> </li> <li class="cat-item cat-item-48"><a href="https://adsecurity.org/?cat=48">Network/System Security</a> </li> <li class="cat-item cat-item-7"><a href="https://adsecurity.org/?cat=7">PowerShell</a> </li> <li class="cat-item cat-item-698"><a href="https://adsecurity.org/?cat=698">RealWorld</a> </li> <li class="cat-item cat-item-21"><a href="https://adsecurity.org/?cat=21">Security</a> </li> <li class="cat-item cat-item-234"><a href="https://adsecurity.org/?cat=234">Security Conference Presentation/Video</a> </li> <li class="cat-item cat-item-1045"><a href="https://adsecurity.org/?cat=1045">Security Recommendation</a> </li> <li class="cat-item cat-item-24"><a href="https://adsecurity.org/?cat=24">Technical Article</a> </li> <li class="cat-item cat-item-4"><a href="https://adsecurity.org/?cat=4">Technical Reading</a> </li> <li class="cat-item cat-item-2"><a href="https://adsecurity.org/?cat=2">Technical Reference</a> </li> <li class="cat-item cat-item-156"><a href="https://adsecurity.org/?cat=156">TheCloud</a> </li> <li class="cat-item cat-item-930"><a href="https://adsecurity.org/?cat=930">Vulnerability</a> </li> </ul> </div><div id="tag_cloud-3" class="sidebar-wrap widget_tag_cloud"><h3>Tags</h3><div class="tagcloud"><a href="https://adsecurity.org/?tag=activedirectory" class="tag-cloud-link tag-link-20 tag-link-position-1" style="font-size: 22pt;" aria-label="ActiveDirectory (55 items)">ActiveDirectory</a> <a href="https://adsecurity.org/?tag=active-directory" class="tag-cloud-link tag-link-75 tag-link-position-2" style="font-size: 10.453608247423pt;" aria-label="Active Directory (8 items)">Active Directory</a> <a href="https://adsecurity.org/?tag=active-directory-security" class="tag-cloud-link tag-link-976 tag-link-position-3" style="font-size: 9.7319587628866pt;" aria-label="Active Directory Security (7 items)">Active Directory Security</a> <a href="https://adsecurity.org/?tag=activedirectorysecurity" class="tag-cloud-link tag-link-113 tag-link-position-4" style="font-size: 13.773195876289pt;" aria-label="ActiveDirectorySecurity (14 items)">ActiveDirectorySecurity</a> <a href="https://adsecurity.org/?tag=adreading" class="tag-cloud-link tag-link-5 tag-link-position-5" style="font-size: 13.340206185567pt;" aria-label="ADReading (13 items)">ADReading</a> <a href="https://adsecurity.org/?tag=ad-security" class="tag-cloud-link tag-link-100 tag-link-position-6" style="font-size: 8pt;" aria-label="AD Security (5 items)">AD Security</a> <a href="https://adsecurity.org/?tag=adsecurity" class="tag-cloud-link tag-link-86 tag-link-position-7" style="font-size: 10.453608247423pt;" aria-label="ADSecurity (8 items)">ADSecurity</a> <a href="https://adsecurity.org/?tag=azure" class="tag-cloud-link tag-link-25 tag-link-position-8" style="font-size: 8pt;" aria-label="Azure (5 items)">Azure</a> <a href="https://adsecurity.org/?tag=azuread" class="tag-cloud-link tag-link-136 tag-link-position-9" style="font-size: 8pt;" aria-label="AzureAD (5 items)">AzureAD</a> <a href="https://adsecurity.org/?tag=dcsync" class="tag-cloud-link tag-link-598 tag-link-position-10" style="font-size: 10.453608247423pt;" aria-label="DCSync (8 items)">DCSync</a> <a href="https://adsecurity.org/?tag=domaincontroller" class="tag-cloud-link tag-link-101 tag-link-position-11" style="font-size: 15.216494845361pt;" aria-label="DomainController (18 items)">DomainController</a> <a href="https://adsecurity.org/?tag=goldenticket" class="tag-cloud-link tag-link-303 tag-link-position-12" style="font-size: 11.175257731959pt;" aria-label="GoldenTicket (9 items)">GoldenTicket</a> <a href="https://adsecurity.org/?tag=grouppolicy" class="tag-cloud-link tag-link-196 tag-link-position-13" style="font-size: 8pt;" aria-label="GroupPolicy (5 items)">GroupPolicy</a> <a href="https://adsecurity.org/?tag=hyperv" class="tag-cloud-link tag-link-3 tag-link-position-14" style="font-size: 8pt;" aria-label="HyperV (5 items)">HyperV</a> <a href="https://adsecurity.org/?tag=invoke-mimikatz" class="tag-cloud-link tag-link-336 tag-link-position-15" style="font-size: 10.453608247423pt;" aria-label="Invoke-Mimikatz (8 items)">Invoke-Mimikatz</a> <a href="https://adsecurity.org/?tag=kb3011780" class="tag-cloud-link tag-link-337 tag-link-position-16" style="font-size: 9.7319587628866pt;" aria-label="KB3011780 (7 items)">KB3011780</a> <a href="https://adsecurity.org/?tag=kdc" class="tag-cloud-link tag-link-80 tag-link-position-17" style="font-size: 8pt;" aria-label="KDC (5 items)">KDC</a> <a href="https://adsecurity.org/?tag=kerberos" class="tag-cloud-link tag-link-81 tag-link-position-18" style="font-size: 15.216494845361pt;" aria-label="Kerberos (18 items)">Kerberos</a> <a href="https://adsecurity.org/?tag=kerberoshacking" class="tag-cloud-link tag-link-298 tag-link-position-19" style="font-size: 11.752577319588pt;" aria-label="KerberosHacking (10 items)">KerberosHacking</a> <a href="https://adsecurity.org/?tag=krbtgt" class="tag-cloud-link tag-link-394 tag-link-position-20" style="font-size: 9.7319587628866pt;" aria-label="KRBTGT (7 items)">KRBTGT</a> <a href="https://adsecurity.org/?tag=laps" class="tag-cloud-link tag-link-631 tag-link-position-21" style="font-size: 9.0103092783505pt;" aria-label="LAPS (6 items)">LAPS</a> <a href="https://adsecurity.org/?tag=lsass" class="tag-cloud-link tag-link-71 tag-link-position-22" style="font-size: 11.175257731959pt;" aria-label="LSASS (9 items)">LSASS</a> <a href="https://adsecurity.org/?tag=mcm" class="tag-cloud-link tag-link-6 tag-link-position-23" style="font-size: 14.061855670103pt;" aria-label="MCM (15 items)">MCM</a> <a href="https://adsecurity.org/?tag=microsoftemet" class="tag-cloud-link tag-link-58 tag-link-position-24" style="font-size: 11.175257731959pt;" aria-label="MicrosoftEMET (9 items)">MicrosoftEMET</a> <a href="https://adsecurity.org/?tag=microsoftwindows" class="tag-cloud-link tag-link-102 tag-link-position-25" style="font-size: 9.7319587628866pt;" aria-label="MicrosoftWindows (7 items)">MicrosoftWindows</a> <a href="https://adsecurity.org/?tag=mimikatz" class="tag-cloud-link tag-link-207 tag-link-position-26" style="font-size: 18.103092783505pt;" aria-label="mimikatz (29 items)">mimikatz</a> <a href="https://adsecurity.org/?tag=ms14068" class="tag-cloud-link tag-link-295 tag-link-position-27" style="font-size: 11.175257731959pt;" aria-label="MS14068 (9 items)">MS14068</a> <a href="https://adsecurity.org/?tag=passthehash" class="tag-cloud-link tag-link-44 tag-link-position-28" style="font-size: 9.7319587628866pt;" aria-label="PassTheHash (7 items)">PassTheHash</a> <a href="https://adsecurity.org/?tag=powershell" class="tag-cloud-link tag-link-575 tag-link-position-29" style="font-size: 18.536082474227pt;" aria-label="PowerShell (31 items)">PowerShell</a> <a href="https://adsecurity.org/?tag=powershellcode" class="tag-cloud-link tag-link-22 tag-link-position-30" style="font-size: 14.927835051546pt;" aria-label="PowerShellCode (17 items)">PowerShellCode</a> <a href="https://adsecurity.org/?tag=powershellhacking" class="tag-cloud-link tag-link-68 tag-link-position-31" style="font-size: 8pt;" aria-label="PowerShellHacking (5 items)">PowerShellHacking</a> <a href="https://adsecurity.org/?tag=powershellv5" class="tag-cloud-link tag-link-69 tag-link-position-32" style="font-size: 8pt;" aria-label="PowerShellv5 (5 items)">PowerShellv5</a> <a href="https://adsecurity.org/?tag=powersploit" class="tag-cloud-link tag-link-232 tag-link-position-33" style="font-size: 10.453608247423pt;" aria-label="PowerSploit (8 items)">PowerSploit</a> <a href="https://adsecurity.org/?tag=presentation" class="tag-cloud-link tag-link-422 tag-link-position-34" style="font-size: 9.7319587628866pt;" aria-label="Presentation (7 items)">Presentation</a> <a href="https://adsecurity.org/?tag=security" class="tag-cloud-link tag-link-576 tag-link-position-35" style="font-size: 8pt;" aria-label="Security (5 items)">Security</a> <a href="https://adsecurity.org/?tag=silverticket" class="tag-cloud-link tag-link-304 tag-link-position-36" style="font-size: 11.175257731959pt;" aria-label="SilverTicket (9 items)">SilverTicket</a> <a href="https://adsecurity.org/?tag=sneakyadpersistence" class="tag-cloud-link tag-link-596 tag-link-position-37" style="font-size: 9.0103092783505pt;" aria-label="SneakyADPersistence (6 items)">SneakyADPersistence</a> <a href="https://adsecurity.org/?tag=spn" class="tag-cloud-link tag-link-294 tag-link-position-38" style="font-size: 9.0103092783505pt;" aria-label="SPN (6 items)">SPN</a> <a href="https://adsecurity.org/?tag=tgs" class="tag-cloud-link tag-link-528 tag-link-position-39" style="font-size: 9.0103092783505pt;" aria-label="TGS (6 items)">TGS</a> <a href="https://adsecurity.org/?tag=tgt" class="tag-cloud-link tag-link-529 tag-link-position-40" style="font-size: 9.0103092783505pt;" aria-label="TGT (6 items)">TGT</a> <a href="https://adsecurity.org/?tag=windows7" class="tag-cloud-link tag-link-117 tag-link-position-41" style="font-size: 8pt;" aria-label="Windows7 (5 items)">Windows7</a> <a href="https://adsecurity.org/?tag=windows10" class="tag-cloud-link tag-link-494 tag-link-position-42" style="font-size: 10.453608247423pt;" aria-label="Windows10 (8 items)">Windows10</a> <a href="https://adsecurity.org/?tag=windowsserver2008r2" class="tag-cloud-link tag-link-46 tag-link-position-43" style="font-size: 9.0103092783505pt;" aria-label="WindowsServer2008R2 (6 items)">WindowsServer2008R2</a> <a href="https://adsecurity.org/?tag=windowsserver2012" class="tag-cloud-link tag-link-47 tag-link-position-44" style="font-size: 11.175257731959pt;" aria-label="WindowsServer2012 (9 items)">WindowsServer2012</a> <a href="https://adsecurity.org/?tag=windowsserver2012r2" class="tag-cloud-link tag-link-54 tag-link-position-45" style="font-size: 9.7319587628866pt;" aria-label="WindowsServer2012R2 (7 items)">WindowsServer2012R2</a></div> </div><div id="search-2" class="sidebar-wrap widget_search"><form class="searchform" method="get" action="https://adsecurity.org"> <div class="input-group"> <div class="form-group live-search-input"> <label for="s" class="screen-reader-text">Search for:</label> <input type="text" id="s" name="s" class="form-control" placeholder="Search"> </div> <span class="input-group-btn"> <button class="btn btn-default" type="submit"><i class="fa fa-search"></i></button> </span> </div> </form></div> <div id="recent-posts-2" class="sidebar-wrap widget_recent_entries"> <h3>Recent Posts</h3> <ul> <li> <a href="https://adsecurity.org/?p=4436">BSides Dublin – The Current State of Microsoft Identity Security: Common Security Issues and Misconfigurations – Sean Metcalf</a> </li> <li> <a href="https://adsecurity.org/?p=4434">DEFCON 2017: Transcript – Hacking the Cloud</a> </li> <li> <a href="https://adsecurity.org/?p=4432">Detecting the Elusive: Active Directory Threat Hunting</a> </li> <li> <a href="https://adsecurity.org/?p=4430">Detecting Kerberoasting Activity</a> </li> <li> <a href="https://adsecurity.org/?p=4428">Detecting Password Spraying with Security Event Auditing</a> </li> </ul> </div><div id="recent-comments-2" class="sidebar-wrap widget_recent_comments"><h3>Recent Comments</h3><ul id="recentcomments"><li class="recentcomments"><span class="comment-author-link">Derek</span> on <a href="https://adsecurity.org/?p=3592#comment-13603">Attacking Read-Only Domain Controllers (RODCs) to Own Active Directory</a></li><li class="recentcomments"><span class="comment-author-link"><a href="https://ADSecurity.org" class="url" rel="ugc">Sean Metcalf</a></span> on <a href="https://adsecurity.org/?p=3782#comment-13545">Securing Microsoft Active Directory Federation Server (ADFS)</a></li><li class="recentcomments"><span class="comment-author-link">Brad</span> on <a href="https://adsecurity.org/?p=3782#comment-13544">Securing Microsoft Active Directory Federation Server (ADFS)</a></li><li class="recentcomments"><span class="comment-author-link">Joonas</span> on <a href="https://adsecurity.org/?p=3719#comment-13229">Gathering AD Data with the Active Directory PowerShell Module</a></li><li class="recentcomments"><span class="comment-author-link"><a href="https://ADSecurity.org" class="url" rel="ugc">Sean Metcalf</a></span> on <a href="https://adsecurity.org/?p=3719#comment-13215">Gathering AD Data with the Active Directory PowerShell Module</a></li></ul></div><div id="archives-2" class="sidebar-wrap widget_archive"><h3>Archives</h3> <ul> <li><a href='https://adsecurity.org/?m=202406'>June 2024</a></li> <li><a href='https://adsecurity.org/?m=202405'>May 2024</a></li> <li><a href='https://adsecurity.org/?m=202005'>May 2020</a></li> <li><a href='https://adsecurity.org/?m=202001'>January 2020</a></li> <li><a href='https://adsecurity.org/?m=201908'>August 2019</a></li> <li><a href='https://adsecurity.org/?m=201903'>March 2019</a></li> <li><a href='https://adsecurity.org/?m=201902'>February 2019</a></li> <li><a href='https://adsecurity.org/?m=201810'>October 2018</a></li> <li><a href='https://adsecurity.org/?m=201808'>August 2018</a></li> <li><a href='https://adsecurity.org/?m=201805'>May 2018</a></li> <li><a href='https://adsecurity.org/?m=201801'>January 2018</a></li> <li><a href='https://adsecurity.org/?m=201711'>November 2017</a></li> <li><a href='https://adsecurity.org/?m=201708'>August 2017</a></li> <li><a href='https://adsecurity.org/?m=201706'>June 2017</a></li> <li><a href='https://adsecurity.org/?m=201705'>May 2017</a></li> <li><a href='https://adsecurity.org/?m=201702'>February 2017</a></li> <li><a href='https://adsecurity.org/?m=201701'>January 2017</a></li> <li><a href='https://adsecurity.org/?m=201611'>November 2016</a></li> <li><a href='https://adsecurity.org/?m=201610'>October 2016</a></li> <li><a href='https://adsecurity.org/?m=201609'>September 2016</a></li> <li><a href='https://adsecurity.org/?m=201608'>August 2016</a></li> <li><a href='https://adsecurity.org/?m=201607'>July 2016</a></li> <li><a href='https://adsecurity.org/?m=201606'>June 2016</a></li> <li><a href='https://adsecurity.org/?m=201604'>April 2016</a></li> <li><a href='https://adsecurity.org/?m=201603'>March 2016</a></li> <li><a href='https://adsecurity.org/?m=201602'>February 2016</a></li> <li><a href='https://adsecurity.org/?m=201601'>January 2016</a></li> <li><a href='https://adsecurity.org/?m=201512'>December 2015</a></li> <li><a href='https://adsecurity.org/?m=201511'>November 2015</a></li> <li><a href='https://adsecurity.org/?m=201510'>October 2015</a></li> <li><a href='https://adsecurity.org/?m=201509'>September 2015</a></li> <li><a href='https://adsecurity.org/?m=201508'>August 2015</a></li> <li><a href='https://adsecurity.org/?m=201507'>July 2015</a></li> <li><a href='https://adsecurity.org/?m=201506'>June 2015</a></li> <li><a href='https://adsecurity.org/?m=201505'>May 2015</a></li> <li><a href='https://adsecurity.org/?m=201504'>April 2015</a></li> <li><a href='https://adsecurity.org/?m=201503'>March 2015</a></li> <li><a href='https://adsecurity.org/?m=201502'>February 2015</a></li> <li><a href='https://adsecurity.org/?m=201501'>January 2015</a></li> <li><a href='https://adsecurity.org/?m=201412'>December 2014</a></li> <li><a href='https://adsecurity.org/?m=201411'>November 2014</a></li> <li><a href='https://adsecurity.org/?m=201410'>October 2014</a></li> <li><a href='https://adsecurity.org/?m=201409'>September 2014</a></li> <li><a href='https://adsecurity.org/?m=201408'>August 2014</a></li> <li><a href='https://adsecurity.org/?m=201407'>July 2014</a></li> <li><a href='https://adsecurity.org/?m=201406'>June 2014</a></li> <li><a href='https://adsecurity.org/?m=201405'>May 2014</a></li> <li><a href='https://adsecurity.org/?m=201404'>April 2014</a></li> <li><a href='https://adsecurity.org/?m=201403'>March 2014</a></li> <li><a href='https://adsecurity.org/?m=201402'>February 2014</a></li> <li><a href='https://adsecurity.org/?m=201307'>July 2013</a></li> <li><a href='https://adsecurity.org/?m=201211'>November 2012</a></li> <li><a href='https://adsecurity.org/?m=201203'>March 2012</a></li> <li><a href='https://adsecurity.org/?m=201202'>February 2012</a></li> </ul> </div><div id="categories-2" class="sidebar-wrap widget_categories"><h3>Categories</h3> <ul> <li class="cat-item cat-item-565"><a href="https://adsecurity.org/?cat=565">ActiveDirectorySecurity</a> </li> <li class="cat-item cat-item-55"><a href="https://adsecurity.org/?cat=55">Apple Security</a> </li> <li class="cat-item cat-item-431"><a href="https://adsecurity.org/?cat=431">Cloud Security</a> </li> <li class="cat-item cat-item-17"><a href="https://adsecurity.org/?cat=17">Continuing Education</a> </li> <li class="cat-item cat-item-396"><a href="https://adsecurity.org/?cat=396">Entertainment</a> </li> <li class="cat-item cat-item-347"><a href="https://adsecurity.org/?cat=347">Exploit</a> </li> <li class="cat-item cat-item-1039"><a href="https://adsecurity.org/?cat=1039">Hacking</a> </li> <li class="cat-item cat-item-168"><a href="https://adsecurity.org/?cat=168">Hardware Security</a> </li> <li class="cat-item cat-item-172"><a href="https://adsecurity.org/?cat=172">Hypervisor Security</a> </li> <li class="cat-item cat-item-126"><a href="https://adsecurity.org/?cat=126">Linux/Unix Security</a> </li> <li class="cat-item cat-item-343"><a href="https://adsecurity.org/?cat=343">Malware</a> </li> <li class="cat-item cat-item-11"><a href="https://adsecurity.org/?cat=11">Microsoft Security</a> </li> <li class="cat-item cat-item-819"><a href="https://adsecurity.org/?cat=819">Mitigation</a> </li> <li class="cat-item cat-item-48"><a href="https://adsecurity.org/?cat=48">Network/System Security</a> </li> <li class="cat-item cat-item-7"><a href="https://adsecurity.org/?cat=7">PowerShell</a> </li> <li class="cat-item cat-item-698"><a href="https://adsecurity.org/?cat=698">RealWorld</a> </li> <li class="cat-item cat-item-21"><a href="https://adsecurity.org/?cat=21">Security</a> </li> <li class="cat-item cat-item-234"><a href="https://adsecurity.org/?cat=234">Security Conference Presentation/Video</a> </li> <li class="cat-item cat-item-1045"><a href="https://adsecurity.org/?cat=1045">Security Recommendation</a> </li> <li class="cat-item cat-item-24"><a href="https://adsecurity.org/?cat=24">Technical Article</a> </li> <li class="cat-item cat-item-4"><a href="https://adsecurity.org/?cat=4">Technical Reading</a> </li> <li class="cat-item cat-item-2"><a href="https://adsecurity.org/?cat=2">Technical Reference</a> </li> <li class="cat-item cat-item-156"><a href="https://adsecurity.org/?cat=156">TheCloud</a> </li> <li class="cat-item cat-item-930"><a href="https://adsecurity.org/?cat=930">Vulnerability</a> </li> </ul> </div><div id="meta-2" class="sidebar-wrap widget_meta"><h3>Meta</h3> <ul> <li><a href="https://adsecurity.org/wp-login.php">Log in</a></li> <li><a href="https://adsecurity.org/?feed=rss2">Entries feed</a></li> <li><a href="https://adsecurity.org/?feed=comments-rss2">Comments feed</a></li> <li><a href="https://wordpress.org/">WordPress.org</a></li> </ul> </div> </div> </div> <div id="sidebar_bottom" class="sidebar widget-area row footer-widget-col-3"> <div id="text-2" class="sidebar-wrap widget_text col-sm-4"><h3>Copyright</h3> <div class="textwidget">Content Disclaimer: This blog and its contents are provided "AS IS" with no warranties, and they confer no rights. Script samples are provided for informational purposes only and no guarantee is provided as to functionality or suitability. The views shared on this blog reflect those of the authors and do not represent the views of any companies mentioned. Content Ownership: All content posted here is intellectual work and under the current law, the poster owns the copyright of the article. Terms of Use Copyright © 2011 - 2020.</div> </div> </div> <div id="footer" class="row default-footer"> <div class="copyright-developer"> <div id="copyright"> <p>Content Disclaimer: This blog and its contents are provided "AS IS" with no warranties, and they confer no rights. Script samples are provided for informational purposes only and no guarantee is provided as to functionality or suitability. The views shared on this blog reflect those of the authors and do not represent the views of any companies mentioned. </p> </div> <div id="developer"> <p> Made with <i class="fa fa-heart"></i> by <a href="https://www.graphene-theme.com/" rel="nofollow">Graphene Themes</a>. </p> </div> </div> </div> </div>  <script>  <a href="#" id="back-to-top" title="Back to top"><i class="fa fa-chevron-up"></i></a> <script type="text/javascript" id="tptn_tracker-js-extra"> /* <![CDATA[ */ var ajax_tptn_tracker = {"ajax_url":"https:\/\/adsecurity.org\/wp-admin\/admin-ajax.php","top_ten_id":"399","top_ten_blog_id":"1","activate_counter":"11","top_ten_debug":"0","tptn_rnd":"62901796"}; /* ]]> */ </script> <script type="text/javascript" src="https://adsecurity.org/wp-content/plugins/top-10/includes/js/top-10-tracker.min.js?ver=1.0" id="tptn_tracker-js"></script> <script defer type="text/javascript" src="https://adsecurity.org/wp-includes/js/comment-reply.min.js?ver=6.5.5" id="comment-reply-js" async="async" data-wp-strategy="async"></script> <script defer type="text/javascript" src="https://adsecurity.org/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1739567760" id="akismet-frontend-js"></script> </body> </html>