https://m.youtube.com/watch?v=qAoM6iJEVbY&feature=youtu.be https://www.youtube.com/feed/history #windows #applocker

https://youtu.be/qAoM6iJEVbY #windows #applocker

#AppLocker gibt es jetzt für alle Windows 10 und 11 Versionen! 🎉 KB5024351—Removal of Windows edition checks for AppLocker - Microsoft Support https://support.microsoft.com/en-us/topic/kb5024351-removal-of-windows-edition-checks-for-applocker-e3a763c9-6a3e-4d9c-8623-0ffe69046470

Did a long time coming update to my PowaScripts! Repository at https://github.com/serializingme/powascripts.

Want to highlight two new scripts, one to dump BeyondTrust PowerBroker policy (rules in the policy maybe vulnerable to privilege escalation), and another to dump users' photos stored in Active Directory (useful for social engineering).

Updated the script to dump computers from Active Directory to also dump the sessions and shares of the computers (this will actively connect to the various computers and may turn out very valuable information, like the service desk hidden file share that nobody noticed was open to all the users in the domain.)

Also updated a bunch of scripts with fixes and minor improvements.

#activedirectory #powershell #penetrationtest #powerbroker #applocker

Home Grown #redteam Using LNK Files To Bypass #Applocker #infosec #cybersecurity
https://assume-breach.medium.com/home-grown-red-team-using-lnk-files-to-bypass-applocker-3fb1ecae291f

Je mehr in der Causa #Continental (bei zugleich einer miesen #Kommunikation) rauskommt, desto mehr schüttelt's mich mich. Wie kann es sein, dass jemand eine Software aus dem Netz installieren, geschweige denn starten kann? #AD Netze sind ja schon schlimm, aber kein #AppLocker oder #SRP per #GPO ausrollen? Das ist fahrlässig! Und dezenter Hinweis: Es ist nie der Mitarbeiter. Der #Arbeitgeber hat für #Sicherheit in der #Arbeitsumgebung zu sorgen.

https://www.heise.de/news/Continental-IT-Einbruch-erfolgte-ueber-heruntergeladenen-Browser-von-Mitarbeiter-7394151.html

#Applocker is acting weird on Windows Pro 22H2 for me.

On Pro, Applocker rules defined in Group Policy do not work, it is Win Enterprise feature. I had a random Applocker rule there since God knows when and somehow it become enforced. Pure luck that I did not lock myself out of the system.

Guess I will need to look more into this.

#bypass #applocker by abusing hashinfo

https://shells.systems/post-bypassing-applocker-by-abusing-hashinfo/

#bugbounty #bugbountytips

Comment bloquer PsExec ? Voici quelques pistes… https://www.it-connect.fr/comment-bloquer-psexec-voici-quelques-pistes/ #SécuritéInformatique #Logiciels #AppLocker #Sécurité #Windows #PsExec

GPO – Comment configurer AppLocker pour sécuriser vos postes Windows ? https://www.it-connect.fr/gpo-comment-configurer-applocker-pour-securiser-vos-postes-windows/ #SécuritéInformatique #Stratégiedegroupe #WindowsClient #AppLocker #Sécurité #Windows #GPO