IoC (indicators of compromise) are essentially breadcrumbs that are left behind from an attempted or successful attack on a system.SPARK Core – Free IOC and YARA Scanning […]
Category: Research
Research Undertaken
How to copy Refs data with blockclone\ Space Saving ( e.g. Veeam backups )
Windows copy isn’t ReFS block clone API aware , so when you copy REFS data it reinflates and you loose the space savings 🙁 3 Methods to do […]
RDS UPD error message 0x2.82 Temporary Profile
Recently had an issue where I spun up a new session host for an existing collection and added it and Users logged into the server via the […]
WARNING: No targets were specified – LLMNR Nmap Scan
nmap –script llmnr-resolve –script-args ‘llmnr-resolve.hostname=%hostname%’On Windows you need to change to “nmap –script llmnr-resolve –script-args “llmnr-resolve.hostname=%hostname%”
Mimecast Suspicious Message Structure
I have further reviewed this case and the emails are being held due to Suspicious Message Structure, this could be due to reasons like Mail formatting that […]
Things for Bit Titan Migrate
Global Admin accounts for both TenantsMailbox License needed for Global Admin account for both Tenants ( Public Folders )Teams License needed for Both Tenant ( Teams Migration […]
Migrating from G-Suite to 365 , how to keep “Connect with Google” working after migration
There’s a free “Google Cloud Identity” license in GSuite. There’s 50 by default but you can increase this where neededhttps://cloud.google.com/identity/pricingYou can then work on migrating the SSO […]
Hybrid Join computer to Azure Active Directory \ Intune without access (line of sight) to domain controller
Machines usually need a GPO to join them to Intune and Line of Sight access to the Domain Controller to join to Azure AD. You can actually […]
Fiber Guide
YSK (if you don’t) about fiber optics and how they work : networking (reddit.com)
MAM Policy Conditional Access
Workstation Inc Windows Interesting one, you might need to turn off abilities of customs apps to be installedhttps://www.amobileattempt.com/2020/08/app-protection-policies-and-outlook-add.html