Active Directory Exploitation Cheat Sheet Logo

Active Directory Exploitation Cheat Sheet

0
Free
Visit Website

This cheat sheet contains common enumeration and attack methods for Windows Active Directory. This cheat sheet is inspired by the PayloadAllTheThings repo. Tools: - Domain Enumeration - Using PowerView - Using AD Module - Using BloodHound - Remote BloodHound - On Site BloodHound - Using Adalanche - Remote adalanche Useful Enumeration Tools: - Local Privilege Escalation - Useful Local Priv Esc Tools Lateral Movement: - Powershell Remoting - Remote Code Execution with PS Credentials - Import a PowerShell Module and Execute its Functions Remotely - Executing Remote Stateful commands - Mimikatz - Remote Desktop Protocol - URL File Attacks Useful Tools: - Domain Privilege Escalation - Kerberoast - ASREPRoast - Password Spray Attack - Force Set SPN - Abusing Shadow Copies - List and Decrypt Stored Credentials using Mimikatz - Unconstrained Delegation - Constrained Delegation - Resource Based Constrained Delegation - DNSAdmins Abuse - Abusing Active Directory-Integrated DNS - Abusing Backup Operators Group - Abusing Exchange - Weaponizing Printer Bug - Abusing ACLs - Abusing IPv6 with mitm6 - SID History Abuse - Exploiting SharePoint - Zerologon - PrintNightmare - Active

FEATURES

ALTERNATIVES

Comprehensive cheat sheet for SQLite SQL injection techniques and payloads.

Java MODBUS simulator with scriptable functions and dynamic resource creation.

A university course focused on vulnerability research, reverse engineering, and binary exploitation to teach practical offensive security skills.

A website for information on Linux and BSD distributions.

Comprehensive documentation for ThreatConnect's REST API and SDKs.

Collection of cybersecurity conference videos from GreHack 2018 covering various cutting-edge topics.

A video-sharing platform for creators to share their content and for users to discover new content, with a focus on cybersecurity.

A guide outlining security considerations for using OpenLDAP Software, including selective listening and IP firewall capabilities.