Varia

Seven Sins

• #1: Lack of patch management
• #2: Lack of MFA
• #3: Ignoring or misinterpreting AV alerts
• #4: Insufficient AD hardening
• #5: No in-depth analysis after a (security) incident
• #6: Direct access to the Internet
• #7: Lack of an EDR

10 AD Commandments

• #2: Service Accounts
• #3: Passwords
• #4: PowerShell Script Block Logging
• #5: Add Computers to the Domain
• #6: Privileges and Permissions
• #7: Harden Critical Accounts
• #8: Print Spooler Service
• #9: Relaying
• #10: Easy Wins (for Attackers)

USB Malware

• Raspberry Robin
• Andromeda
• VBE
• VBE, Part 2
• Macoute
• Sality
• vjw0rm
• Neshta

Shodan

• Scan IP ranges for exposed services
• CobaltStrike Beacons
• Scan History

Varia

• xlsxgrep