

Attacking and Hacking Active Directory

What you will learn

 

Red Team Active Directory Hacking
How to Find Vulnerabilities in Active Directory
How To Exploit Active Directory
Domain Privilege Escalation
PowerView PowerShell Module
Active Directory Enumeration
Active Directory Post Exploitation
Active Directory Pre Exploitation
Local Privilege Escalation

 




Domain Persistence and Dominance

Description

Most enterprise networks today are managed using Windows Active Directory and it is imperative for a security professional to understand the threats to the Windows infrastructure.

Active Directory Pentesting is designed to help security professionals understand, analyze and practice threats and attacks in a modern Active Directory environment. The course is beginner friendly and comes with a walkthrough video course and documents with all the commands executed in the videos. The course is based on our years of experience and research in breaking Windows and AD environments.

When it comes to AD security, there is a large knowledge gap that security professionals and administrators struggle to fill. Over the years, I have taken numerous world trainings on AD security and always found that there is a lack of quality material and, especially, a lack of good walkthroughs and explanations.

The course simulates real-world attack and defense scenarios. We start with a non-admin user account in the domain and work our way up to enterprise admin. The focus is on exploiting the variety of overlooked domain features and not just software vulnerabilities.

We cover topics like AD enumeration, tools to use, domain privilege escalation, domain persistence, Kerberos-based attacks (Golden Ticket, Silver Ticket and more), ACL issues, SQL Server trusts, and bypasses of defenses.

Language: English

Content

Introduction

Introduction

Local Escalation and Enumeration

Local User & Group Enumeration
Network Enumeration
Antivirus & Detections
Hunting Passwords
Tools
Windows Version and Configuration
Sherlock/Watson
CVE-2019-1388
Scheduled Task Privilege Escalation
Unquoted Service Path
SeImpersonate
Windows – Privilege Escalation and Local Enumeration Cheat Sheet
Recommended Windows Hack The Box machines

Domain Enumeration

User Enumeration
Domain Group Enumeration
Domain Computer/Servers Enumeration
GPO and OU Enumeration
Domain Shares Enumeration
ACL Enumeration
Active Directory Recon
BloodHound – Setting Up BloodHound
BloodHound Basics
User Hunting Domain Enumeration – Lateral Movement
Domain Enumeration Cheat Sheet – PowerView

Lateral Movement

Before You Start
How Kerberos Works
Dumping SAM and SYSTEM For Offline Cracking
SAM & LSA with Mimikatz
PassTheHash with Mimikatz
Passing the ticket
Pass the ticket with Rubeus
Session Hijack
SMB Relay Attack
Bypass AMSI with mimidogz
Bypass Anti Virus Run mimikatz
10 ways to get dump files

Domain Privilege Escalation

Before You start This Section – Domain Privilege Escalation
ACL – GenericAll on Group
Priv Esc – DNSAdmins
DCSync
Unconstrained Delegation – Computer
Constrained Delegation – Computer
ACL – GenericWrite on User
SET-SPN – Kerberoast
Targeted Kerberoasting – AS-REPs – FINDING
Targeted Kerberoasting – AS-REPs – SET

Domain Persistence and Dominance

DSRM
DCShadow – Change Attribute
DCShadow – SIDHistory
DCShadow – hash
Golden Ticket
AdminSDHolder – Adding Permission
AdminSDHolder – Abusing Permission