PowerShell Need Logs

PowerShell Need Logs

Many vulnerabilities commonly use PowerShell to execute attacks on your system without leaving any traces. Powershell transcription logs are turned off by default on windows. Lets change that...

- Go to your start menu and find "Registry Editor" as admin
- go to this path: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\PowerShell\Transcription
- Either create or open a DWORD called "EnableTranscripting" and set it to 1 

Now you will see powershell transcription logs anytime that anyone (or anything) uses powershell to run commands on your computer! These logs will appear in your documents folder by default. (see image attached) 

(if you want a free guide of other hardening tips like this or a better method of hardening configuration settings email me at hardeningtips@senteon.co😉 )

Old Bluetooth, Yeah its wide open...

1 min read

Old Bluetooth, Yeah its wide open...

One of the most overlooked attack surfaces on a Windows machine?Bluetooth services running in the background.Most people don’t think twice about...

READ MORE
Passwords in Chrome

1 min read

Passwords in Chrome

Passwords are really the keys to your business data. Email SaaS platforms, banking, internal systems etc. Once an attacker has a password the rest of...

READ MORE
Setup Message Not So Welcome...

1 min read

Setup Message Not So Welcome...

On personal devices (or systems not joined to a domain), have you ever seen the “Let’s finish setting up your PC” prompt?The one that really wants...

READ MORE