Advanced Windows Active Directory Penetration Testing
Published 10/2024
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz, 2 Ch
Genre: eLearning | Language: English | Duration: 123 Lectures ( 7h 29m ) | Size: 3.3 GB
Horn Your Internal Windows AD Pentesting Skills
What you'll learn Overview of Penetration Testing, it's limitations and some logistics in delivering a pentest engagement.
Deploy an Active Directory lab to execute attacks in a safe environment.
Master the fundamentals of Active Directory (AD).
Walkthrough the phases of AD Kill Chain when conducting a Windows Active Directory penetration tests.
Learn to use an external OSINT as part of your internal AD penetration testing process.
Learn Initial Access techniques such
as Kerberos-based Password Spray, NTLM Relay, NBNS/LLMNR protocol abuse, AS-REP Roasting, etc.
Learn Network and Domain Enumeration techniques, both manually and semi-automatically using tools such as Dig, Nslookup, NetExec, BloodHound, etc.
Learn Domain Privilege Escalation and Lateral Movement techniques by abusing Kerberos Protocol for attacks such as Kerberoasting, Kerberos Delegations, etc.
Learn Domain Privilege Escalation and Lateral Movement techniques by abusing misconfigured Active Directory Access Control Lists (ACLs).
Learn Domain Privilege Escalation and Lateral Movement techniques by abusing general misconfigurations and poor AD User habits.
Abuse misconfigured Active Directory Certificate Services for Privilege Escalation and Dominance.
Learn Domain Persistence techniques such as Golden Ticket, Silver Ticket, Diamond Ticket, Sapphire Ticket.
Explore different advanced techniques in Cross Domain and Cross Forest attacks such as SID Filtering bypass, etc.
Writing a Penetration Testing Report that will help your client in prioritizing and addressing discovered attack vectors and vulnerabilities.
Requirements Basic Foundation in Active Directory: A basic understanding of core Active Directory concepts such as User Accounts, Groups, Group Policy, and Domain Name System (DNS) is essential.
Basic Networking Knowledge: Familiarity with network protocols such as TCP/IP, firewalls, and network segmentation is recommended.
Command Line/Terminal Experience: Comfortable navigating the Windows and Linux command line/terminal and using basic commands is necessary.
Penetration Testing Experience: Experience in conducting penetration testing.
Willingness to Learn: Penetration testing is a constantly evolving field. A dedication to continuous learning is essential for success.
Determination and Patience: Penetration testing can be challenging. Be prepared to invest time and effort to master these advanced techniques.
Solid Computer: A computer with at least 32 Gig of RAM and 300 Gig of free Hard Drive space. A Windows OS is preferable.
Description Windows Active Directory (AD) has been the center stage for most corporate infrastructure for decades. Hence, it is crucial for security professionals to grasp the intricacies and threats associated with Windows infrastructures.Active Directory Penetration Tests offer a better way for security experts to analyze and engage with the threats present in modern AD environments. This course, suitable for experienced pentesters and anyone interested in taking their pentesting to the next level, includes loads of detailed videos and thorough walkthroughs of attack scenarios and vectors, built upon extensive practical experience and dedicated research in compromising Windows AD ecosystems.This course emulates real-world attack scenarios, beginning with an adversary with nothing but just a network-level access and no Active Directory-level access to obtaining an initial foothold, laterally moving withing the network and escalating privileges to that of Enterprise Administrator level. The emphasis lies on abusing often-overlooked domain features rather than merely software vulnerabilities.Key areas of focus include:External OSINTInitial Access via Kerberos-based Password Spray, Network Protocol Abuses, etc.Active Directory Situational AwarenessPrivilege Escalation via Kerberoasting, Kerberos Delegations, Access Control Lists, etc.Persistence via Golden Ticket, Silver Ticket, Diamond Ticket, Sapphire Ticket, etc.Abusing Active Directory Certificate Services (AD CS)Domain and Forest Trust AbusesPenetration Testing Report Writing