Active Directory Penetration Testing for Red Teams

• Author RFS
• Join my Discord dedicated to Active Directory Attacks by RFS
• Join PopLabSec Discord

• Active Directory Penetration Testing
• Infrastructure Penetration Testing
• Networks Penetration Testing
• Web Applications Penetration Testing
• Wireless Security
• Ethical Hacking

• NetBIOS
• DNS
• MsSQL
• LDAP
• Kerberos
• Samba
• IIS
• Exchange
• WinRM
• SCCM

• Nmap
• CrackMapExec
• Rubeus
• Certify
• Mimikatz
• BloodHound
• DeathStar
• Metasploit
• Empire
• Covenant
• Cobal Strike

• Attack Privilege Requirements
• Kerbrute Enumeration — No domain access required
• Pass the Ticket — Access as a user to the domain required
• Kerberoasting — Access as any user required
• AS-REP Roasting — Access as any user required
• Golden Ticket — Full domain compromise (Domain Admin) required
• Silver Ticket — Service hash required
• Skeleton Key — Full domain compromise (Domain Admin) required