Windows Persistence & Autorun Audit with PowerShell (2026)
Persistence is how malware and forgotten scripts come back after every reboot. Enumerate Run keys, scheduled tasks and unsigned autorun binaries from PowerShell....
Windows Administration
Windows Server, Active Directory, and PowerShell guides
Windows Local Admin & User Audit with PowerShell (2026)
Hunt local admins, dormant accounts, the Guest account state and unknown SIDs across the fleet โ and ship a clean compliance report from PowerShell....
Active Directory Password Policy Audit with PowerShell (2026)
A clean AD password posture is more than the default domain policy. Audit FGPP overrides, accounts with PasswordNeverExpires, stale accounts and weak lockout โ from PowerShell....
Windows Service Security Audit with PowerShell (2026)
Windows services are a classic privilege-escalation surface. Find unquoted paths, weak service ACLs and LocalSystem services running from user-writable folders โ from PowerShell....
Windows Defender + ASR Audit with PowerShell (2026)
A green Microsoft Defender icon does not prove your endpoint is hardened. Audit ASR rules, exclusions, real-time protection state and tamper protection from PowerShell....
Windows Firewall Audit with PowerShell: A Practical 2026 Guide
A clean Windows Firewall audit is more than "Firewall is on". Inspect every profile, find dangerous Allow Any Any rules, detect GPO overrides, and ship a defensible compliance report from PowerShell....
Windows Secure Boot Audit with PowerShell: A Complete 2026 Guide
Stop guessing whether your Windows endpoints are actually protected by Secure Boot. Learn how to audit the firmware state, the UEFI key store, the TPM and BitLocker from PowerShell โ and ship a clean PASS / WARN / FAIL compliance report your auditors will accept....
Windows Update Troubleshooting and Reset Scripts (2026)
Windows Update fails in interesting and creative ways. Here is the canonical reset script, the error codes that point at the actual cause, the WSUS gotchas, and a single PowerShell snippet that fixes 80% of "stuck on 0%" problems....
Active Directory Replication Troubleshooting with repadmin and dcdiag (2026)
AD replication problems get worse the longer you ignore them. Here is the canonical troubleshooting flow with repadmin /showrepl, dcdiag, the error codes that actually matter, and how to recover from the bad cases (lingering objects, USN rollback)....