This post covers domain reporting via PowerShell to HTML for compliance change reporting purposes. The following is written to provide guidance and transparency for those seeking out simplistic answers to complex compliance requirements. With expensive paid solutions such at Netwrix requiring setup time and hardware requirements. I'm here to tell
This post covers implementation for MFA via firewall VPN connections using RADIUS authorization. 1.) Log into your DUO admin panel and create an application for RADIUS. 2.) Install the DUO Auth Proxy client on the server you wish to use to submit the RADIUS requests from. You'll specify the Integration
This covers removing the default trackers and data collection methods included with a default installation of Windows 10 across all versions. I've been asked by colleagues to write down my process for hardening windows systems and share. Many of these people have extensive backgrounds in UNIX, but aren't familiar with
This guide assumes you have a hypervisor and VMs and/or physical boxes to support setup. This guide uses a fresh install of Server 2016. Install the following roles by opening up server manager and enabling the following: Active Directory Domain Services DHCP Server DNS Server File and Storage Services
This is a generalized guide for configuring Selenium on Windows. 1. Create a directory named Selenium under C:\ 2. Copy the directory downloaded from http://docs.seleniumhq.org/download/ in this example I'm setting up the Java specific package. 3. Within IE set all Security Zones to the same protection
This post covers deploying Chocolatey [https://chocolatey.org/] to enterprise devices. The idea is to provide a solution for 3rd party product patching that's both free, and automated. To start you'll need domain admin privileges and just a couple minutes. First, we'll need psexec installed on one machine within the
This guide is for piecing together an opensource solution to trigger AV + macro detection upon files upload within web applications. Installed Software: http://www.clamwin.com/content/view/249/1/ https://www.python.org/downloads/release/python-371/ https://github.com/VirusTotal/yara/archive/v3.8.1.zip https://github.com/
Common attack vector defense for windows server web applications. This can be done and implemented with NuGet for continuous integration. Add the following to the httpRuntime tag in your config. If the following keys already exist, ignore those values: httpRuntime targetFramework="4.5" encoderType="System.Web.Security.AntiXss.AntiXssEncoder,System.