Active Directory Exploitation Cheat Sheet Logo

Active Directory Exploitation Cheat Sheet

0
Free
Visit Website

This cheat sheet contains common enumeration and attack methods for Windows Active Directory. This cheat sheet is inspired by the PayloadAllTheThings repo. Tools: - Domain Enumeration - Using PowerView - Using AD Module - Using BloodHound - Remote BloodHound - On Site BloodHound - Using Adalanche - Remote adalanche Useful Enumeration Tools: - Local Privilege Escalation - Useful Local Priv Esc Tools Lateral Movement: - Powershell Remoting - Remote Code Execution with PS Credentials - Import a PowerShell Module and Execute its Functions Remotely - Executing Remote Stateful commands - Mimikatz - Remote Desktop Protocol - URL File Attacks Useful Tools: - Domain Privilege Escalation - Kerberoast - ASREPRoast - Password Spray Attack - Force Set SPN - Abusing Shadow Copies - List and Decrypt Stored Credentials using Mimikatz - Unconstrained Delegation - Constrained Delegation - Resource Based Constrained Delegation - DNSAdmins Abuse - Abusing Active Directory-Integrated DNS - Abusing Backup Operators Group - Abusing Exchange - Weaponizing Printer Bug - Abusing ACLs - Abusing IPv6 with mitm6 - SID History Abuse - Exploiting SharePoint - Zerologon - PrintNightmare - Active

FEATURES

ALTERNATIVES

A network of physical and online cyber warfare ranges for training and testing

Cybersecurity training platform with courses, certifications, and study guides.

Free cyber security training and resources for career development.

An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Commercial

Platform offering cybersecurity courses for Red, Blue, and Purple Teamers by Picus.

Korean cyber-security challenge platform for exploiting and defending web application vulnerabilities.

Curated list of acronyms and terms related to cyber security landscape with explanations beyond buzzwords.

A comprehensive guide to mobile application penetration testing, covering various topics and techniques

PINNED