📄️ 1. 🔒 Disable LLMNR and NetBIOS on Windows
By default, Windows ships with insecure legacy protocols like LLMNR and NetBIOS enabled. These protocols can leak username and password hashes over the network and are often abused by tools like Responder.