Posted in: Active Directory, All

Kerberoasting with CrackMapExec: A Comprehensive Guide

Kerberoasting is a type of attack that exploits the way Microsoft Active Directory handles service accounts. In this article, we will explore how to perform Kerberoasting with CrackMapExec, a powerful penetration testing tool. We will cover the basics of Kerberos authentication, how Kerberoasting works, and how to use CrackMapExec to extract Kerberos tickets and crack […]

Posted in: Active Directory, Infrastructure

Kerberos Penetration Testing Fundamentals

Today I will write about Kerberos Penetration Testing, which Active Directory uses to manage authentication inside the corporate environments. First a brief explanation about how Kerberos works and what we should know before try to hack Kerberos. How does Kerberos work? Kerberos Components TGT – Ticket Granting Ticket SPN – Service Principals Names are associated […]

Posted in: Active Directory

Understanding the Active Directory Pass the Hash Attack

The Active Directory Pass the Hash (PtH) attack is a type of credential theft attack that allows an attacker to bypass authentication measures and gain unauthorized access to systems. In this attack, the attacker steals the hash of a user’s login credentials from one system and uses it to authenticate to another system without the […]

Posted in: Active Directory

Active Directory Password Cracking with HashCat

Learn how to crack Active Directory Passwords using Hashcat Crack LM Hashs LM hash is used by Microsoft LAN manager used on old versions, which is totally insecure. We can crack LM with hashcat using: How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases […]

Posted in: Active Directory

Active Directory Penetration Testing: Methodology

Today I am writing about Active Directory penetration Testing methodology, this is part of my study for eCPPTv2 by eLearningSecurity and CRTP by Pentester Academy. Active Directory is a service to manage corporate domains it can handle all types of Microsoft services and objects applying for permissions while handling all accounting centralized. My goal in […]

Posted in: Active Directory

Enumerating Active Directory: Domains

In this tutorial, we will learn steps to start our journey on Active Directory enumeration, first step is to enumerate information about the Domain. Then we will extract information about the Users, Computers, Domain Administrators, Enterprise Administrators, and network shares. Understand how to start enumerating a Domain Controller and escalate your privileges inside the network. […]

Posted in: Penetration Testing Tools, Active Directory

How to Install Bloodhound on Linux

How to Install Bloodhound on Linux and correct Java problems. Install JAVA and Dependencies Install Neo4J Neo4J Configuration File Reset Neo4J Password Linux Installation BloodHound Configure Bloodhound Only collect from the DC, doesn’t query the computers (more stealthy) Data Collection Windows – SharpHound Windows – Powershell Windows – RustHound Cloud Azure

Posted in: Active Directory

Windows Privilege Escalation Fundamentals: A Guide for Security Professionals

Privilege escalation is a critical security issue in Windows operating systems, as it allows attackers to gain elevated access to a system or network, giving them the ability to perform malicious activities, such as installing malware, stealing sensitive data, and creating backdoors for future access. Therefore, understanding the fundamentals of Windows privilege escalation is essential […]

Posted in: Active Directory

Active Directory Attacks: Free Guide

Learn how advanced Active Directory Attacks are executed and secure your infrastructure. On Going Study… Domain Enumeration with PowerView Active Directory Attacks – Initial Attack Vectors active directory vulnerabilities LLMNR Poisoning / SMB Relay Attacks Capturing NTLMv2 Hashs SMB Signing Disable Passback Attack Enumerating Domain Data with Bloodhound Active Directory Attacks – Post-Compromise Pass […]

Back to Top