文件列表:

Assert/ (0, 2016-11-25)
Assert/Assert.psm1 (1266, 2016-11-25)
DISCLAIMER.md (1794, 2016-11-25)
LICENSE.md (372, 2016-11-25)
Password/ (0, 2016-11-25)
Password/password.psm1 (4901, 2016-11-25)
PtHTools/ (0, 2016-11-25)
PtHTools/PtHTools.psm1 (47430, 2016-11-25)
Windows/ (0, 2016-11-25)
Windows/AccountInfo/ (0, 2016-11-25)
Windows/AccountInfo/AccountInfo.psm1 (44887, 2016-11-25)
Windows/Computer/ (0, 2016-11-25)
Windows/Computer/computer.psm1 (815, 2016-11-25)
Windows/DomainInfo/ (0, 2016-11-25)
Windows/DomainInfo/DomainInfo.psm1 (3440, 2016-11-25)
Windows/FileSystem/ (0, 2016-11-25)
Windows/FileSystem/FileSystem.psm1 (4317, 2016-11-25)
Windows/General/ (0, 2016-11-25)
Windows/General/General.psm1 (10220, 2016-11-25)
Windows/SecureString/ (0, 2016-11-25)
Windows/SecureString/SecureString.psm1 (4752, 2016-11-25)
Windows/adsi/ (0, 2016-11-25)
Windows/adsi/adsi.psm1 (6588, 2016-11-25)
multithreading/ (0, 2016-11-25)
multithreading/multithreading.psm1 (4213, 2016-11-25)
regression/ (0, 2016-11-25)
regression/Assert/ (0, 2016-11-25)
regression/Assert/assertTest.ps1 (410, 2016-11-25)
regression/Multithreading/ (0, 2016-11-25)
regression/Multithreading/multithreadingTest.ps1 (3125, 2016-11-25)
regression/PoshLibraries/ (0, 2016-11-25)
regression/PoshLibraries/accountInfo/ (0, 2016-11-25)
regression/PoshLibraries/accountInfo/accountInfoTest.ps1 (20763, 2016-11-25)
regression/PoshLibraries/adsi/ (0, 2016-11-25)
regression/PoshLibraries/adsi/adsiTest.ps1 (917, 2016-11-25)

# Pass the Hash Guidance This project hosts scripts for aiding administrators in implementing Pass the Hash mitigations as outlined in the [Reducing the Effectiveness of Pass the Hash](https://www.iad.gov/iad/library/ia-guidance/security-configuration/applications/reducing-the-effectiveness-of-pass-the-hash.cfm) paper. The [PtHTools](./PtHTools/) module contains the main commands for helping with implementing PtH mitigations: * Find-PotentialPtHEvents * Invoke-DenyNetworkAccess * Edit-AllLocalAccountPasswords * Get-LocalAccountSummaryOnDomain * Invoke-SmartcardHashRefresh * Find-OldSmartcardHash See the [PtHTools readme file](./PtHTools/README.md) for more information on how to use them. ## Guidance * [Reducing the Effectiveness of Pass the Hash](https://www.iad.gov/iad/library/ia-guidance/security-configuration/applications/reducing-the-effectiveness-of-pass-the-hash.cfm) * [Long-Lived Hashes for AD Smartcard Required Accounts](https://www.iad.gov/iad/library/ia-advisories-alerts/long-lived-hashes-for-ad-smartcard-required-accounts.cfm) * [Limit Workstation-to-Workstation Communication](https://www.iad.gov/iad/library/ia-guidance/security-tips/limit-workstation-to-workstation-communication.cfm) ## Microsoft guidance * https://aka.ms/pth - Microsoft's Pass-the-Hash general resource page. * [Mitigating Pass-the-Hash and Other Credential Theft v1](http://download.microsoft.com/download/7/7/A/77ABC5BD-8320-41AF-863C-6ECFB10CB4B9/Mitigating%20Pass-the-Hash%20(PtH)%20Attacks%20and%20Other%20Credential%20Theft%20Techniques_English.pdf) * [Mitigating Pass-the-Hash and Other Credential Theft v2](http://download.microsoft.com/download/7/7/A/77ABC5BD-8320-41AF-863C-6ECFB10CB4B9/Mitigating-Pass-the-Hash-Attacks-and-Other-Credential-Theft-Version-2.pdf) * [How Pass-the-Hash works](http://download.microsoft.com/download/C/3/B/C3BD2D13-FC9B-4FAB-A1E7-43FC5DE5CFB2/PassTheHashAttack-DataSheet.pdf) * [Local Administrator Password Solution](https://aka.ms/laps) - LAPS is a Microsoft supported tool that ensures local administrator accounts do not all have the same password. It is an alternative to the Edit-AllLocalAccountPasswords command found in PtHTools. * [krbtgt refresh](http://blogs.microsoft.com/microsoftsecure/2015/02/11/krbtgt-account-password-reset-scripts-now-available-for-customers/) [script](http://blogs.microsoft.com/microsoftsecure/2015/02/11/krbtgt-account-password-reset-scripts-now-available-for-customers/) - Resets the krbtgt account password twice to invalidate Kerberos tickets created by attackers (e.g. Golden Ticket). * [Securing Privileged Access](https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/securing-privileged-access) * [Privileged Access Workstations](http://aka.ms/cyberpaw) * [Enhanced Security Administrative Environment](http://aka.ms/ESAE) ## License See [LICENSE](./LICENSE.md). ## Disclaimer See [DISCLAIMER](./DISCLAIMER.md).

近期下载者：

相关文件：

评论：[我要评论] [举报此文件]

收藏者：