Dive into an extensive video tutorial on advanced Active Directory exploitation techniques, covering NTLM relay, token impersonation, pass the hash, and PsExec. Learn to set up lab environments, use tools like Metasploit and CrackMapExec, and gain hands-on experience with Meterpreter. Explore additional resources for penetration testing, including recommended readings and courses. The tutorial concludes with a Q&A session addressing various cybersecurity topics, career advice, and business insights for aspiring penetration testers.
Overview
Syllabus
- Welcome.
- Week overview and additional AD resources.
- Additional lab buildout.
- Loading Metasploit's psexec.
- Sidetrack -- Using CrackMapExec.
- Getting a shell with psexec.
- Fun with Meterpreter pt 1.
- Token Impersonation with Incognito.
- Fun with Meterpreter pt 2.
- Pass the hash techniques.
- NTLM relay and lab setup.
- How entry level does HTB get?.
- Do you see yourself exploiting Windows more than Linux when pentesting?.
- Did you use an Empire payload?.
- Business adventures.
- How was you first pentest on the job?.
- Do you send dropboxes to customers?.
- Discussing graphics cards.
- Citrix pentesting.
- Graphics cards part 2.
- Discussing cats!.
- Do you store cracked passwords for later use?.
- How does HTB prepare for the OSCP.
- Thoughts on eWPT?.
- What's after Zero to Hero?.
- What is your day job?.
- What's next in the course?.
- How do you plan on finding clients?.
- Family guy or American Dad?.
- Errors and Omissions insurance / business talk.
- What do you think of spectreops training?.
Taught by
The Cyber Mentor
