just rand0m sec n0ise

Did you know, by default “run as admin” doesn’t check the AD?

What a surprise that was to find out that by default if you do "run as admin" with AD account, the AD is not queried for account status as long as cached credentials are available.

Little bXOR and Base64 in Powershell for good and bad

I was recently reading an Article from MS regarding AMSI an fileless malware and decided to give it a try in a simplest form. So let's have a look.

Anonymize Windows Event Logs with Powershell

I needed a anonymized ETL's to be able to pass it to a 3rd party and couldn't find anything that would do it, so I put few thing I found on the internet together, adjusted and here it is.

LDAP Version

Find out the LDAP version in your environment.

DNS records for a given zone

DNS records can be requested pretty easily from DNS servers via Powershell.

Up ↑