Windows Infrastructure Security Guides



Practical, Technical, and Always Growing



This bundle includes a growing library of PDF guides built to help you secure your Windows environment and Active Directory the right way—without fluff, just hands-on knowledge.


What You Get (and Growing):


🔐 Hardening & Access Control
Active Directory - Domain Join Account – Create a proper service account for domain join, lock down GPOs, and remove insecure defaults.

Classic LAPS – Secure your environment using Microsoft’s classic LAPS configuration with step-by-step deployment instructions.

New LAPS – Learn how to securely rotate and protect local admin passwords using Microsoft’s new Local Administrator Password Solution.

Protecting Smart Cards – Improve smart card security and prevent bypass attacks.

AD Custom Attribute (Drink Attribute) – Extend the AD schema with custom attributes in a safe way.



📊 Monitoring & Detection
Windows – Sysmon Guide – Step-by-step guide to deploy and tune Sysmon in Windows environments. Includes a configuration baseline using ThreatLog, GPO/manual installation, noise reduction tuning, and validation tips.

Advanced Auditing (LSASS) – Set up advanced auditing to detect suspicious access to LSASS and protect cached credentials.

AD Honeypot – Learn how to deploy a basic Active Directory honeypot to catch intrusions early.



🌐 Networking & Infrastructure
Network Ports for Windows Infrastructure – Full reference on ports needed for Domain Controllers, RODCs, PAWs, tiered access, and more. Includes a Visio diagram.




And More Coming Soon.
This pack keeps growing—more guides are in development based on what admins struggle with most.