You still don't understand the purpose of security config section.I think it's a matter of justice.
But if I have to be honest I don't know it well.
It is as if something is not in the right place.
I have read of Security Configurations that use W.10 which may be more at risk than mine.
Its purpose isn't a contest with other members about who has the safest coolest config.
It is about sharing a setup to other members, especially beginners who may need some example/inspirations/recommendations.
1- Ask yourself, will you recommend XP to a beginner?
2- Will you tell him to reproduce the multiple tweaks you had to do to secure XP?
I bet you will say no in both cases, so you know why your config will never be tagged as "secured" because (using an analogy), you use a boat with many known holes, and fix the said holes with your personal sklills, which is out of reach for an average user.
About Mimikatz, focus on blocking in-memory attack vectors, it is where Mimikatz is best used.
Blocking only LOLbins wont help much.
the safest combo is and always will be : a true anti-exploit + a default-deny application.
The titanic was solid, unfortunately, he was not made to hit a giant iceberg. like a car isn't designed to survive a direct hit against a concrete wall..."Amateurs built the Ark and it was the professionals that built the Titanic"
I see. I feel the same way.
Btw, the Titanic was real, the Ark, not so much. Me too i can pretend i build an UFO and say it fly better than a plane...LOL
Last edited by a moderator: