This gist is a little long in the tooth, so your mileage my vary. We also covered NPK in a podcast episode.

This is an in-progress quick start install guide for NPK on Ubuntu 18.

From a new Ubuntu 18 box, install the essentials:

apt install unzip -y

As heard on 7MS #357

Basically, you can do Windows Key + R then type cmd and Enter for quick access to command line.

But lets do some more fun stuff. Wanna open a command window from the desktop and launch a command in one swoop? Try this:

Note: this set of GPOs accompany's a YouTube video all about building your own pentest lab

Personally, when I setup an internal/test/pentest Active Directory environment I like to leave some settings the way most client environments are setup - both for ease of management and easier attacks, so that includes spinning up the following GPOs:

Enable RDP on desktops Create a new GPO and link it whatever OU your workstations are in, and set Computer Configuration > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Connections and set Allow users to connect remotely using Remote Desktop Services to Enable

Then, create a security group in AD, called RDP-peeps for example, that you want to allow to RDP into all workstations.

This document is intended to help you create a GPO you can push to your Windows endpoints and start gathering much more rich, verbose logging data. As I recently discussed on the podcast, Windows is a bit lacking in how much information gets logged in its out-of-the-box config.

Note: much of these settings were discovered when using the great LOG-MD tool, which you can download for free.

Below is the cell phone agreement I have with my kids. It was largely inspired by this contract which had some excellent ideas.

• I understand that my cell phone is a privilege, not a right. Mom and dad can look at anything on my phone and take it away for any length of time and for any reason.

I will silence and put away or turn off my phone:

• At 7:30 p.m. each night, and I will put the phone on the charger upstairs

In episode #341 of the 7 Minute Security podcast I talked about how to identify - and remediate - the unquoted service path vulnerabilities you might see pop up on a vulnerability scan. Here's the breakdown of resources that will help you understand and fix this pesky vuln:

• Here's a great article describing unquoted service paths and why they're a risk to your enterprise.

• If you want to create a fake service with unquoted service paths so you can then test fixing it, check out this gist which has you run something like the following:

New-Service -Name 'TotesFakeService' -BinaryPathName 'C:\program files\system32\something.exe' -DisplayName 'Totes Fake Dude' -StartupType Manual

In episode 338 of the 7 Minute Security podcast, I talked about a recent engagement where I helped a customer do a bit of a SIEM solution bake-off. This gist is the companion to that episode, and is broken down into the following two sections:

• Questionnaire - a series of questions you can ask SIEM vendors to gather as many data points about their products and services as possible

• SIEM tests - a few tests you can conduct on your internal/external network to see if your SIEM solution indeed coughs up alerts on some things it should indeed whine about

These are the Slack channels featured on the 7 Minute Security Slack channel:

A channel for the 7MS User's Group, which is currently on hold for that pesky COVID stuff. Hoping to resume fall, 2021. Currently looking for interested sponsors, speakers and attendees!

Basically just a place to receive RSS notifications when the BPATTY project gets updated.

Trying to stop those pesky pentesters and other adversaries? Share your favorite defensive tools, tips, scripts and strategies!

This document complements the Active Directory security topics talked about on the 7 Minute Security podcast miniseries related to Active Directory - specifically #329. The purpose of this doc is to compile resources we can all use to make our Active Directory environments more physically and logically secure. Here we go....

I can't tell you how many companies I've run into that have flippin' Fort Knox around their DCs at their primary office (cameras, motion detectors, angry guard dogs, snipers, etc.) but then the branch office has a DC under the receptionist's desk with no security controls. Make sure all domain controllers are physically locked down. I think a good minimum config is to have the DC locked in a room with keycard access - where only a subset of employees have physical access.

This gist focuses on (relatively) free and (relatively) easy things organizations can do to better protect their networks without buying yet another black box with blinking lights.

Got some ideas of your own that should be on this list? Please leave a comment below!

Microsoft has a great paper on the topic that gives some nice high level recommendations:

• Use a unique password per site
• Enable complexity