Monday, August 14, 2017

Current Branch for Business setting within Windows 10 Professional

The Current Branch for Business was released around four months after the Current Branch in the past, though this appears to be changing within the Fall Creator update time period.  The CBB was originally designed to give organizations time to test the new version.  To configure Windows 10 Professional to use this parameter, launch gpedit.msc with local administrative authority and navigate to Computer Configuration –> Administrative Templates –> Windows Components –> Windows Update –> Defer Windows Updates.  Modify the “Select with Feature Updates are received” entry and set it to Enabled.  Use the drop-down dialog box to select “Current Branch for Business” and enter a day value such as 90 days.


Another option at the same path is “Select when Quality Updates are received.”


This will delay the installation of monthly updates for the number of days that are specified.  When checking the Update section under Settings, a notification warning will appear stating some settings are hidden or managed.


Tuesday, August 1, 2017


CyberChef is an online utility with a large number of available parameters.  Examples would be to convert data formats such as to and from Hex, to and from Binary, etc.  A portable version can be downloaded as well.


PowerShell Group-Object

The Group-Object cmdlet within PowerShell is similar to the GROUP BY command within a normal SQL statement.  Below are a few examples of using the cmdlet to obtain count totals.



The web site for NoMoreRansom allows an individual to upload a sample file encrypted by a ransomware varient to determine if a solution is available for decrypting.


SessionGopher is a PowerShell Session Extraction tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop.

SessionGopher works by querying the HKEY_USERS hive for all users who have logged onto a domain-joined box at some point. It extracts PuTTY, WinSCP, SuperPuTTY, FileZilla, and RDP saved session information. It automatically extracts and decrypts WinSCP, FileZilla, and SuperPuTTY saved passwords.


Stitch is a cross-platform Python Remote Administration Tool. This framework allows you to build custom payloads for Windows, Mac OSX and Linux.

VMware Technical Papers web site

The URL below is the main page for the Technical Papers resource on the VMware web site.*&partialfields=(default:default)&requiredfields=&entqr=0&start=0&sort=meta:revisionDate:D&tlen=200&numgm=3&cn=vmware&cc=en&cid=&tid=&stype=main

Saturday, July 1, 2017

How to perform a full shutdown within Windows 10

By default, Windows 10 does not perform a full shutdown when the normal power menu option is used.  The Fast Startup Mode uses the hibernation file to restore a previously saved image of the Windows kernel and all necessary drivers for installed devices.

To modify the default, access Power Options and then select “Choose what the power buttons do.”  A shortcut without modifying the default is to hold the Shift key down when selecting the Shut Down menu option.


Check a Chromebook’s Battery Health

To check a Chromebook’s battery health, access the Chrome shell via Control + Alt + T and use the command battery_test.


Another method is to use the URL of chrome://power.


Whoer.Net is a web site that displays information concerning your network address and web browser.