ZeroKeyStrokes Homelabs & Blog

Learning how to install packages with Winget, basic functionality, options, how to use. Difference between py.exe and python.exe Why Winget: Winget is a Windows package Manger that can be used to download, install, update, and configure applications using the command-line. Sounds like extra steps, but it’s actually super easy to learn* and a much safer … Read more

Analyzing suspicious documents, identifying embedded OLE Objects and how they present in various Windows document formats. Extracting embedded object for further analysis. Additional concepts: File signature identification, file extension spoofing, hex editors, common document file structures, file carving (adjacent) Lab prep: A simple “hello.exe” embedded as an Object into a Word Document. Saved document as … Read more

To see Lab setup, click here. Planting “clues”: I’m practicing how to find evidence of persistence using Windows built-in tools, logs, and cmd commands. Clues to plant: sus Scheduled Task sus Run registry key (Planning to add more clues, that are more interesting) Clue 1: Sus Scheduled task Create persistence that looks shady but doesn’t … Read more

Purpose: Create a persistent simulation lab environment. It will expand and grow, like a real small company might, introducing new opportunities for practice. Practice settings up a virtual machine in VMWare Learning setup settings, VM version control (snapshots) Practice Windows user account setup, system settings, command prompt commands Learn lab setup and preparation step Practice … Read more