It’s been a while since I last posted, I’ve been busy with personal things, but I want to retake sharing things I know about Active Directory exploitation. We’ll continue adding misconfigurations to our Active Directory environment, to further explore ACL exploitation paths. We’ll add a new domain user, max.power in Continue Reading
RT/BT – Active Directory enumeration and ACL exploitation for privilege escalation – Part 1
In this post we will use different tools to analyze an Active Directory environment, both from Linux and Windows. This post is useful for both Pentesters and Blue Team members, as it identifies possible attack vectors and insecure configurations on a domain. Both to exploit from the attacker’s side, and Continue Reading
Laboratory – Creating our first Active Directory test enviroment.
In this location, I’ll be showcasing the step by step procedure I usually follow whenever I need to deploy an Active Directory environment, whether it’s for pentesting/red team tests or to try out forensic tools/SOC capabilities or similar (Blue team). To deploy our environment we’ll need a host, dedicated one Continue Reading