README
Uncover comprehensive insights into Active Directory Penetration Testing with our detailed article. Gain a deeper understanding of how to identify vulnerabilities and strengthen your network security.
Active Directory Penetration Testing
Welcome to the Active Directory Attacks Documentation for Red Teams!
This documentation serves as a comprehensive resource for understanding various attack techniques and vulnerabilities associated with Active Directory environments.
Whether you are a security professional, system administrator, or simply interested in learning about cyber security, this documentation will provide valuable insights into the risks and countermeasures related to Active Directory attacks.
In this documentation, you will find detailed explanations of different attack techniques employed by malicious actors to compromise Active Directory infrastructures.
We cover well-known techniques such as Pass-the-Hash, Golden Ticket, Kerberoasting, and more. Each attack technique is accompanied by a description, potential impact, detection methods, and recommended mitigation strategies.
My aim is to help you understand the inner workings of these attacks, enabling you to identify vulnerabilities within your own Active Directory environment and implement effective security measures to protect against them. Additionally, we provide real-world examples and practical guidance to enhance your understanding of the attack vectors and their implications.
We encourage you to explore the various sections of this documentation, where you will find detailed explanations, step-by-step guides, and recommended best practices to secure your Active Directory infrastructure. Stay one step ahead of potential threats and bolster your organization's security posture with the knowledge gained from this documentation.
Remember, a well-informed defender is better equipped to safeguard their Active Directory environment against malicious actors. Let's dive in and strengthen our defenses against Active Directory attacks!
Happy learning and stay secure!
Learn Active Directory
Windows Attack Scenarios
Active Directory External Reconnaissance
Active Directory (AD) External Reconnaissance is a methodology used to gather information and assess the security posture of an organization's Active Directory infrastructure from an external perspective.
Active Directory Attacks Theory
Initial Compromise
Host Reconnaissance
Domain Enumeration
Local Privilege Escalation
Administrator Enumeration
Lateral Movement
Domain Admin privs
Cross Trust Attacks
Domain Persistence
Exfiltrate
Active Directory Attacks by Service Type (Protocol)
My Tools Arsenal Documentation
Windows Privilege Escalation
Domain Privilege Escalation
Attack Privilege Requirements
Kerbrute Enumeration — No domain access required
Pass the Ticket — Access to the domain as a user required
Kerberoasting — Access as any user required
AS-REP Roasting — Access as any user required
Golden Ticket — Full domain compromise (Domain Admin) required
Silver Ticket — Service hash required
Skeleton Key — Full domain compromise (Domain Admin) required
AD Attacks