Lab of a Penetration Tester: Abusing DNSAdmins privilege for escalation in Active Directory
0
Free
This lab demonstrates how to escalate privileges in an Active Directory environment by abusing the DNSAdmins privilege. The lab explains how a user who is a member of the DNSAdmins group or has write privileges to a DNS server object can load an arbitrary DLL with SYSTEM privileges on the DNS server. The lab setup includes enumerating users who are part of the DNSAdmins group using PowerView and targeting the buildadmin user in a real-world scenario.
FEATURES
The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.
ALTERNATIVES
AWS IAM Security Assessment tool for identifying violations of least privilege and generating risk-prioritized reports.
Free
A simple drop-in library for managing users, permissions, and groups in your application.
Free
A list of disposable email domains to detect or block disposable accounts
Free
A blog post explaining the concept of Active Directory Trusts and their enumeration and exploitation
Free
A fully automated AD build script that configures a domain fully with adjustable XML files.
Free
An attacker can create a new IAM policy version and set it as the default version without requiring the iam:SetDefaultPolicyVersion permission.
Free
Repository documenting common techniques to bypass AppLocker with verified, unverified, and generic bypasses.
Free
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Commercial
Vulnerability Management
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security