Categories

Techniques and tools for mapping out Active Directory domains, discovering users, groups, and other valuable information.

Techniques for moving laterally within a compromised network to gain further access and privileges in an Active Directory environment.

Methods for escalating privileges within an Active Directory domain, including exploitation of misconfigurations and vulnerabilities.

Methods and techniques for maintaining long-term access to compromised systems and networks within Active Directory.

Techniques for stealing and exploiting user credentials in Active Directory environments.

Techniques for abusing and exploiting Group Policy Objects (GPOs) in Active Directory.

Exploits and attacks targeting the Kerberos authentication protocol used in Active Directory.

Methods for exploiting misconfigurations and vulnerabilities in Active Directory Certificate Services.

Best practices, tools, and methodologies for defending against various Active Directory attacks and improving overall AD security.

Techniques for exploiting and abusing trust relationships between domains and forests in Active Directory.

Attacks that exploit vulnerabilities in LDAP implementations and misconfigurations in Active Directory.

Techniques for exploiting DNS in Active Directory environments, including DNS spoofing and cache poisoning.

Methods for identifying and exploiting common misconfigurations in Active Directory setups.

Techniques and tools for conducting forensic analysis in Active Directory environments after a security incident.

Attacks targeting hybrid and cloud-integrated Active Directory environments, including Azure AD.

Explore advanced techniques for evading detection and bypassing security controls in Windows environments, including Active Directory.

Techniques for exploiting vulnerabilities and misconfigurations in System Center Configuration Manager (SCCM) within Active Directory environments.

Techniques for exploiting vulnerabilities and misconfigurations in Microsoft Exchange Server within Active Directory environments.

Techniques for exploiting vulnerabilities and misconfigurations in Microsoft SQL Server within Active Directory environments.

Advanced techniques for exploiting and abusing trust relationships between domains, forests, and external entities in Active Directory environments.