Explore concrete, practical strategies for penetration testing Active Directory to prevent enterprise cybersecurity threats.
Overview
Syllabus
Introduction
- Understand and test the security of identity providers
- What you should know
- Disclaimer
- Understand Active Directory's role in security
- The LDAP protocol
- Interact with LDAP at the command line
- The LDAPAdmin tool
- What is Active Directory?
- Interact with Active Directory at the command line
- Access LDAP services with a GUI client
- Add users and computers to a domain
- Active Directory security audit
- Set up for testing
- Extract the AD hashes
- Password spraying Active Directory
- Kerberos brute-forcing attacks
- Use CrackMapExec to access and enumerate AD
- Investigate the SYSVOL share
- Take advantage of legacy data
- Specific Active Directory attacks
- Remote extraction of AD hashes
- Carry out a Kerberos roasting
- Run a no-preauthentication attack
- Forge a golden ticket
- Running a shadow attack
- Using rubeus to take over the domain
- Relaying attacks to get a certificate
- Using smartcards to gain privileged access
- Set the BloodHound loose
- Next steps
Taught by
Malcolm Shore