Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create a defensive blue team version of LPLITE #81

Open
7MinSec opened this issue May 25, 2023 · 0 comments
Open

Create a defensive blue team version of LPLITE #81

7MinSec opened this issue May 25, 2023 · 0 comments
Assignees
@7MinSec
Labels
defense Things to consider in a defense-based LP course

Comments

@7MinSec
Copy link
Owner

7MinSec commented May 25, 2023
edited
Loading

Maybe take the existing lab and give individual access to the lab for a period of time to close all the holes, like:

Things to have to fix:

  • cpasswords in GPOs
  • Enable SMB signing
  • Enable LAPS
  • Fix SQL stored procedure weakness
  • Clean up descriptions in Active Directory
  • etc.
  • Implement better password policy
  • Implement broadcast poisoning protections

Possible beta testers:

  • d1ddy (Discord)
  • Dan (Discord)
  • DKnight (Discord)
  • RM (Discord)
  • Sergio (Discord)
  • Tmaz (Discord)

Potential titles:

  • Light Pentest DIE (Defensive Independent Experience!)
  • Light Pentest DADDY (Do Active Directory Defense Yeah!)
  • Light Pentest ADD (Active Directory Defense)

The "exam" could be a 7MinSec resource running through a checklist and ensuring all "holes" are closed.
@7MinSec 7MinSec added the defense Things to consider in a defense-based LP course label May 25, 2023
@7MinSec 7MinSec self-assigned this May 25, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@7MinSec 7MinSec

Labels
defense Things to consider in a defense-based LP course
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@7MinSec