Honey Token
Automation
Blue Team Tactics: Honey Tokens Pt. II
Part two of the honey tokens series covering PowerShell-based token deployment, validating audit ACL settings, and testing adversary interaction detection via PowerShell remoting, RDP, and Meterpreter process injection.
Automation
Blue Team Tactics: Honey Tokens Pt. I
Part one of a series on deploying honey token files in a Windows enterprise environment, covering GPO-based file system auditing, creating pseudo sensitive files, and configuring audit ACL templates.