Sometimes back I asked ChatGPT to provide me with a list of topics to cover in AD Pentesting in the end the list came to about 40 Topics, Will be using this repository to share notes and resources on the following topics.
- Introduction to Active Directory
- Setting Up a Pentesting Lab
- Domain Enumeration
- Credential Dumping Techniques
- Kerberos Attacks
- NTLM Relay Attacks
- Group Policy Preference (GPP) Attacks
- LDAP and Active Directory Enumeration
- BloodHound and AD Graphy Analysis
- Delegation Attacks
- Password Spraying and Brute Forcing
- SPN Scanning
- RID Cycling
- DACLs and ACEs
- Token Impersonation
- Silver Tickets
- DSRM (Directory Services Restore Mode) Exploitation
- DNSAdmins Attacks
- AdminSDHolder and SDProp
- Shadow Groups
- Trusted Forest Exploitation
- SYSVOL and Netlogon Scanning
- Password Filters Exploitation
- Abusing Cross Forest Trusts
- Printer Bug and Other Known Exploits
- RCE in AD
- Securing Sensitive AD Attributes
- Fine-grained Password Policies
- Attack Remediation and Rollback
- Monitoring and Logging for AD
- Advanced BloodHound Use
- Offensive PowerShell for AD
- Hardening Active Directory
- Virtualization-based Security and Credentials Guard
- Building a Red Team AD Lab
- Zero Trust Architecture and AD
- Pivot and Lateral Movement
- Detecting and Defending Against AD Attacks
- Cleaning and Maintaining Access