Upload files to "3 DC/GPOs"
This commit is contained in:
BIN
3 DC/GPOs/(3) Mapping Drives Using GPO's S.O.P..pdf
Normal file
Binary file not shown.
10
3 DC/GPOs/3) increase_log_size.md
Normal file
@ -0,0 +1,10 @@
|
||||
# Powershell
|
||||
```
|
||||
Limit-Eventlog -logname security -maximumsize 200MB -overflowaction overwriteolder
|
||||
```
|
||||
|
||||
# GPO to increase log size
|
||||
|
||||
Computer Configuration > policies > administrative templates > windows components > event log service
|
||||
|
||||
enable "Specify the maximum log file size (KB)" to 200000 = 200MB
|
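Review bot: The Limit-Eventlog line passes -overflowaction overwriteolder without -RetentionDays, so which events may be overwritten depends on the retention value already set on each host, and once the log is full with nothing older than that value, new Security events are discarded. Either add an explicit -RetentionDays or use OverwriteAsNeeded if the intent is a rolling 200MB log. The GPO section should also name the Security subfolder under Event Log Service so it matches the -logname security target, and note that 200000 KB is slightly under the 200MB the cmdlet sets (204800 KB).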
23
3 DC/GPOs/4) DCO_GPO_INTERNAL.md
Normal file
@ -0,0 +1,23 @@
|
||||
## Tools
|
||||
|
||||
[DFIR Tools](https://ericzimmerman.github.io/#!index.md)
|
||||
[Flare](https://github.com/HASecuritySolutions/flare)
|
||||
[Ghidra](https://github.com/NationalSecurityAgency/ghidra)
|
||||
[Greenborne](https://github.com/greenbone/openvas-scanner)
|
||||
[Kali ISO](https://cdimage.kali.org/kali-2024.2/kali-linux-2024.2-installer-amd64.iso)
|
||||
[memdump](https://www.softpedia.com/get/System/System-Miscellaneous/MemDump.shtml)
|
||||
[memprocfs](https://github.com/ufrisk/MemProcFS)
|
||||
[Network Miner](https://www.netresec.com/?page=NetworkMiner)
|
||||
[Persistent Sniper](https://github.com/last-byte/PersistenceSniper)
|
||||
[reg shot](https://sourceforge.net/projects/regshot/)
|
||||
[Rita](https://github.com/activecm/rita)
|
||||
[Snort](https://www.snort.org/)
|
||||
[sysinternals](https://learn.microsoft.com/en-us/sysinternals/downloads/sysinternals-suite)
|
||||
[volatility](https://github.com/volatilityfoundation/volatility3)
|
||||
[wireshark](https://www.wireshark.org/download.html)
|
||||
|
||||
## OVAs
|
||||
|
||||
[Remnux](https://docs.remnux.org/install-distro/get-virtual-appliance)
|
||||
[Sift](https://www.sans.org/tools/sift-workstation/)
|
||||
[Kali](https://www.kali.org/get-kali/#kali-installer-images)
|
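Review bot: The memdump entry points at a Softpedia download page rather than the tool's publisher, and the Kali ISO entry is a direct image link pinned to 2024.2 with no checksum recorded; for a toolkit staged on analysis hosts, link the publisher's page and record the expected SHA-256 next to each binary download. Two labels do not match their targets: "Greenborne" links to greenbone/openvas-scanner and "Persistent Sniper" links to PersistenceSniper. The file is named DCO_GPO_INTERNAL.md under GPOs but contains only a tool and OVA list, so a name that reflects the content would make it easier to find.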
14
3 DC/GPOs/Remote_Cred_Guard.md
Normal file
@ -0,0 +1,14 @@
|
||||
# Remote Credential Guard
|
||||
|
||||
Remote Credential Guard helps protecting credentials over a Remote Desktop (RDP) connection by redirecting Kerberos requests back to the device that's requesting the connection.
|
||||
|
||||
## GPO [^1]
|
||||
|
||||
|Group policy path|Group policy setting|Value|
|
||||
|---|---|---|
|
||||
|Computer Configuration\Administrative Templates\System\Credentials Delegation|Remote host allows delegation of nonexportable credentials|Enabled|
|
||||
|
||||
|
||||
|
||||
#### Resources
|
||||
[^1]: [Remote Credential Guard](https://learn.microsoft.com/en-us/windows/security/identity-protection/remote-credential-guard?tabs=gpo)
|
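Review bot: The GPO table lists only the remote-host setting ("Remote host allows delegation of nonexportable credentials"), so a reader following it would leave the connecting client unconfigured. Add the client-side row from the cited Microsoft page, under the same Credentials Delegation path: "Restrict delegation of credentials to remote servers" set to Enabled with the Require Remote Credential Guard option, or note that the client can opt in per connection with mstsc.exe /remoteGuard. Minor: "helps protecting" in the intro should read "helps protect", and the run of blank lines before "#### Resources" can be trimmed.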