Active Directory – \x44\x61\x6e\x6b / Dank adventures in security Mon, 27 Mar 2023 05:25:19 +0000 en-US hourly 1 https://wordpress.org/?v=6.1.1 Cheatsheet – Active Directory Pentesting /2021/07/19/cheatsheet-active-directory-pentesting/ /2021/07/19/cheatsheet-active-directory-pentesting/#respond Mon, 19 Jul 2021 10:24:02 +0000 /blog/?p=53 Top cheat sheet resources:

  • https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
  • https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md
  • https://book.hacktricks.xyz/windows/active-directory-methodology
  • https://github.com/infosecn1nja/AD-Attack-Defense
  • https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet

ACL/ACE Abuse Resources:

  • https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/abusing-active-directory-acls-aces

To Review:

  • http://www.harmj0y.net/blog/redteaming/a-guide-to-attacking-domain-trusts/
  • https://adsecurity.org/?p=2011
  • https://m0chan.github.io/2019/07/31/How-To-Attack-Kerberos-101.html#unconstrained-delegation
  • https://sixdub.medium.com/derivative-local-admin-cdd09445aac8
  • https://exploit.ph/powerview.html
  • https://exploit.ph/user-constrained-delegation.html
  • https://exploit.ph/revisiting-delegate-2-thyself.html
  • https://swarm.ptsecurity.com/kerberoasting-without-spns/
  • https://www.aisp.sg/document/CRESTConSpeaker/Delegate_or_Escalate.pdf

]]> /2021/07/19/cheatsheet-active-directory-pentesting/feed/ 0