Introduction: When a client checks for Group Policy updates, it follows a structured process to determine what needs to be applied. Version: Before doing anything, the client compares its locally cached GPO version against the remote version, stored both as a versionNumber attribute on the GPO object and in the GPT.ini file on SYSVOL.
Author: Li_in
Watson / Forensic AI Assistant
Overview & Goals: Watson is a professional-grade collaborative forensic investigation platform. It pairs human analysts with an AI assistant that works side by side — both feeding findings, IOCs, tasks, assets, and recommendations into a shared central investigation platform.
Core Principles
Principle | Description
Collaborative | Human and AI analysts contribute equally; AI suggestions require human validation
Why some people think about AI the wrong way?
We often judge AI through a human lens, comparing its intelligence, reasoning, and even emotions to our own. But intelligence is not a single, clearly defined concept, and human thinking is just one model shaped by our constraints and experiences.
Hackathon 2026
This is the new Open Source Hackathon!!
Test event
Test description
AS3W – Access String Authorization (Conceptual)
AS3W (Access String: Who, What, When) is a lightweight authorization mechanism associating access rules directly with data stored in a database.
Session Hijacking via Task Scheduler
When a privileged domain user (for example, a Domain Admin) is interactively logged on to a Windows server, a local administrator on that system can leverage the Windows Task Scheduler to achieve code execution inside the user’s logon session.
Incident Response Playbooks — CERT Reference
🔐 AD Reconstruction
Phase 0 — Immediate (0–2h) · Initial containment
# | Action | Domain | Criticality
0.1 | Disable or restrict all inbound VPN access | Network | 🔴 Critical
0.2 | Block all non-essential inbound and outbound traffic (emergency firewall rules) | Network | 🔴 Critical
0.3 | Enable geo-fencing on the firewall (restrict to authorized countries) | Network
REDTEAM – File Transfer
File transfer is a critical capability during red team operations, whether for payload delivery, data exfiltration, lateral movement, or post-exploitation tooling.
Search for large files on Windows with PowerShell
This PowerShell command lets you search for and list large files in your Windows file system. Very useful if you want to save space.










