HTTP Security Headers for IIS 8 and up

Bored of those wannabe “Security Researchers” who respond to your Bug Bounty program because you don’t have a HSTS policy set or some ‘exploit’ that you can only do to yourself? Here I wrote down a few examples that you can copy/paste in your Powershell console to apply to your sites.

Of course, be careful and read up about the possible consequences of these settings! I will try to give a brief overview about the possibilities where it applies in a later stage.
(more…)

Move Exchange Mailboxes using a CSV

The Problem: Corrupted Exchange System User

Today we faced a challenge. Since one the administrative users in our MS Exchange environment was corrupted, we decided to create a new mailbox database (MDB) and move the users to that new database.  Sound quite easy, don’t you think? Here is what we came up with.

(more…)