Audit Office Documents with Macros with Powershell

Every organisation sooner or later has to deal with Office documents with macros enabled. Risk assessment and auditing are the first steps when planning to disable them via group policy or just to mitigate risk implied.

The priority should target real usage and avoid any untrusted macro. In this article I will try to help to create a simple report where we can simply leverage powershell to find documents with macros enabled.

Continue reading “Audit Office Documents with Macros with Powershell”

Powershell, How to store your credentials

The first step working with automation and PowerShell is completing an authentication process against a remote server and providing the right credentials. In the previous article our aim was to raise the awareness of how SecureString can be used in a very unsafe way, now we simply would like to show you what to avoid and how to store your credentials.

Continue reading “Powershell, How to store your credentials”

Passwords and SecureString, How To Decode It with Powershell

Powershell is frequently described as secure by default or design, but I’ve found that end-users could be frequently tempted to take risks or bypass the security or not aware of what the implications are.

Nothing really new to most developers or sysadmins, but not many of them have gone through the process of decoding a SecureString, even if is quite a trivial exercise. Continue reading “Passwords and SecureString, How To Decode It with Powershell”