Lab of a Penetration Tester: Abusing DNSAdmins privilege for escalation in Active Directory
This lab demonstrates how to escalate privileges in an Active Directory environment by abusing the DNSAdmins privilege. The lab explains how a user who is a member of the DNSAdmins group or has write privileges to a DNS server object can load an arbitrary DLL with SYSTEM privileges on the DNS server. The lab setup includes enumerating users who are part of the DNSAdmins group using PowerView and targeting the buildadmin user in a real-world scenario.
FEATURES
ALTERNATIVES
An attacker can create a new IAM policy version and set it as the default version without requiring the iam:SetDefaultPolicyVersion permission.
A blog post explaining the concept of Active Directory Trusts and their enumeration and exploitation
This article discusses protected accounts and groups in Active Directory, providing examples and screenshots to illustrate key concepts.
Okta Customer Identity Cloud is a CIAM solution that provides secure, customizable identity management for consumer and SaaS applications.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.