spencer (@techspence) / X

spencer

51.9K posts

spencer

@techspence

🛠️ Former Sysadmin, now Pentester | Microsoft MVP | Helping IT teams make their environment harder to attack | @SecurIT360 & @CyberThreatPOV

🏰AD Security Resource Kit ⬇️

spenceralessi.com/adsecuritykit

Joined November 2010

Pinned
spencer
@techspence
Jun 10
If you're an IT Admin and you follow this list, and you put in the work to fix the findings, your environment will be more secure.
20K
spencer
@techspence
Jul 29, 2024
Never underestimate a properly motivated “adversary” 💪😆
871K
spencer
@techspence
Oct 1, 2025
Never underestimate a properly caffeinated user and a little PowerShell knowledge ☕🔑😆
300K
spencer
@techspence
Mar 27, 2024
Best Wi-Fi names, I’ll go first… WuTangLan 😆😆😆
418K
spencer
@techspence
Sep 8, 2024
Sysadmins, don’t do this. If your boss tells you to, still don’t.
From the ShittySysadmin community on Reddit
From reddit.com
225K
spencer
@techspence
Jan 1, 2024
The new year is almost here, don’t forget to add the following to your password cracking/spraying lists: Spring2024 Spring2024! Summer2024 Summer2024! Winter2024 Winter2024! Fall2024 Fall2024! Password2024 Password2024! Companyname2024 Companyname2024!
253K
spencer
@techspence
Nov 11, 2025
Regular reminder… this hardening series by Jerry Devore is super awesome. There’s no way you won’t learn things by reading these. Part 1 - Disabling NTLMv1 Part 2 - Removing SMBv1 Part 3 - Enforcing LDAP Signing Part 4 - Enforcing AES for Kerberos Part 5 - Enforcing LDAP
techcommunity.microsoft.com
Tag:"adhardening" | Microsoft Community Hub
Find all posts, articles, and events tagged with "adhardening" in Microsoft Community Hub. Stay informed with the latest updates from our community
91K
spencer
@techspence
Jun 6, 2024
Documentation is probably one of THE MOST underestimated SKILLS in all of IT/Security...
97K
spencer
@techspence
Apr 24, 2025
Everyone wants to spend $100k for EDR but no one wants to take away local admin rights from Suzie in accounting…
92K
spencer
@techspence
Apr 22, 2024
Active Directory hardening blog post series, like a boss, by Jerry Devore. Posting this so I can reference it later! Disabling NTLMv1 techcommunity.microsoft.com/t5/core-infras… Removing SMBv1 techcommunity.microsoft.com/t5/core-infras… Enforcing LDAP Signing -techcommunity.microsoft.com/t5/core-infras… Enforcing AES for Kerberos
110K
spencer
@techspence
Oct 1, 2025
How to learn Active Directory… Step 1. Setup your own lab. Setup laps, applocker, logon scripts, CA server, sccm, exchange, file shares etc the whole nine Step 2. intentionally misconfigure it with tools like BadBlood and BadShares (I wrote this one) or just manually screw it
68K
spencer
@techspence
Dec 9, 2024
How to make pentesters cry... Run PingCastle/PurpleKnight, Locksmith, and ScriptSentry in your environment and fix all the critical issues before your next pentest. I promise you...they will be weep
77K
spencer
@techspence
Oct 6, 2025
My oldest kid is 12. Active Directory is 25. One of them still wakes me up in the middle of the night screaming.
37K
spencer
@techspence
Aug 30, 2024
Scare a sysadmin in six words or less I’ll go first… Did you take a backup first?
125K