A curated list of awesome Security Hardening techniques for Windows.
Created by gepeto42 and PaulWebSec, but highly inspired by PyroTek3's research!
This document summarizes the information related to Pyrotek and Harmj0y's DerbyCon talk called "111 Attacking EvilCorp Anatomy of a Corporate Hack". Video and slides are available below.
It also incorporates hardening techniques necessary to prevent other attacks, including techniques discussed by gepeto42 and joeynoname during their THOTCON 0x7 talk.
Something's missing? Create a Pull Request and add it.
BloodHound "prevention":

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\TokenLeakDetectDelaySecs = 30. This will clear credentials of logged off users after 30 seconds (mimicking the behavior of Windows 8.1+).

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\WDigest\UseLogonCredential = 0. This will prevent WDigest credentials being stored in memory, again as is the default for Windows 8.1+.
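The two registry values above, audited (and optionally applied) from PowerShell. This is an added example, not code from the list's authors; the function name Test-CredentialHardening and the -Remediate switch are this example's own. Run it elevated; LSA changes take effect after a reboot.

```powershell
# Expected hardening values from the list above (PowerShell HKLM: drive form of the keys).
$Settings = @(
    @{ Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
       Name = 'TokenLeakDetectDelaySecs'; Expected = 30 },
    @{ Path = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest'
       Name = 'UseLogonCredential';       Expected = 0 }
)

function Test-CredentialHardening {
    # Hypothetical helper (added example): reports each value's compliance;
    # with -Remediate it writes the expected DWORD where the value is missing or wrong.
    param([switch]$Remediate)

    foreach ($s in $Settings) {
        $current = (Get-ItemProperty -Path $s.Path -Name $s.Name -ErrorAction SilentlyContinue).($s.Name)
        # An absent value is reported as non-compliant so it gets set explicitly;
        # on Windows 8.1+ the secure default already applies, and setting it is harmless.
        $compliant = ($null -ne $current) -and ([int]$current -eq $s.Expected)
        $action = 'None'

        if (-not $compliant -and $Remediate) {
            if (-not (Test-Path $s.Path)) { New-Item -Path $s.Path -Force | Out-Null }
            New-ItemProperty -Path $s.Path -Name $s.Name -Value $s.Expected `
                             -PropertyType DWord -Force | Out-Null
            $action = 'Set (reboot required)'
            $compliant = $true
        }

        [pscustomobject]@{
            Key       = "$($s.Path)\$($s.Name)"
            Current   = if ($null -eq $current) { '<absent>' } else { $current }
            Expected  = $s.Expected
            Compliant = $compliant
            Action    = $action
        }
    }
}

# Audit only:
Test-CredentialHardening | Format-Table -AutoSize
# Audit and fix:
# Test-CredentialHardening -Remediate | Format-Table -AutoSize
```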