Useful AD Resources
Downloads and Tools
- Impacket Tools: https://github.com/SecureAuthCorp/impacket/releases
- Powerview: https://github.com/PowerShellEmpire/PowerTools/tree/master/PowerView
- Sharphound: https://github.com/BloodHoundAD/BloodHound/blob/master/Collectors/SharpHound.ps1
- Mimikatz: https://github.com/gentilkiwi/mimikatz
- Praeda: https://github.com/percx/Praeda
- SYSVOL Script: https://support.microsoft.com/en-us/kb/2962486
- LAPS: https://www.microsoft.com/en-us/download/details.aspx?id=46899
- cube0x0 RCE: https://github.com/cube0x0/CVE-2021-1675
- calebstewart LPE: https://github.com/calebstewart/CVE-2021-1675
Articles and Blogs
- Top 5 ways I got Domain: https://adam-toscher.medium.com/top-five-ways-i-got-domain-admin-on-your-internal-network-before-lunch-2018-edition-82259ab73aaa
- Account tiering: https://www.ravenswoodtechnology.com/how-to-mitigate-privilege-escalation-with-the-tiered-access-model-for-active-directory-security/
- mitm6: https://blog.fox-it.com/2018/01/11/mitm6-compromising-ipv4-networks-via-ipv6/
- Combining NTLM Relays and Kerberos Delegation: https://dirkjanm.io/worst-of-both-worlds-ntlm-relaying-and-kerberos-delegation/
- Hacking Printers Cheatsheet: http://www.hacking-printers.net/wiki/index.php/Printer_Security_Testing_Cheat_Sheet
- A Pen Tester’s Guide to Printer Hacking: https://www.mindpointgroup.com/blog/how-to-hack-through-a-pass-back-attack/
- Bypass Antivirus: https://sushant747.gitbooks.io/total-oscp-guide/content/bypassing_antivirus.html
- GPP cPassword Attack: https://www.rapid7.com/blog/post/2016/07/27/pentesting-in-the-real-world-group-policy-pwnage/
- Active Directory Security Blog: https://adsecurity.org/
- Harmj0y Blog: http://blog.harmj0y.net/
- Pentester Academy Active Directory: https://www.pentesteracademy.com/activedirectorylab
- Pentester Academy Red Team Labs: https://www.pentesteracademy.com/redteamlab
- eLS PTX: https://elearnsecurity.com/product/ecptx-certification/