Advanced Pen Testing Techniques for Active Directory
1h 41mAdvanced2023-08-10
Authors

Malcolm Shore
Cybersecurity Expert, Former Director of GCSB
Course details
As a security professional, one of your most important jobs is to make sure that only authorized users have access to your system. Most often, this is achieved via credential-based access control, where credentials are stored in central directories like Microsoft Active Directory (AD). But are you really ready to handle an unexpected cyberattack?
In this course, instructor Malcolm Shore gives you an overview of Active Directory, including how to enumerate it and validate its security with penetration testing. Explore the core concepts of penetration testing and why it’s so important for enterprise security management. Learn how AD interacts with identity providers and how you interact with it at the command line using LDAP protocol as well as through Powerpoint. Malcolm teaches you some key tricks and gives you examples of how to get the most out of your audits by understanding and utilizing spray attacks, hash extractions, impacket libraries, and brute force attacks.
In this course, instructor Malcolm Shore gives you an overview of Active Directory, including how to enumerate it and validate its security with penetration testing. Explore the core concepts of penetration testing and why it’s so important for enterprise security management. Learn how AD interacts with identity providers and how you interact with it at the command line using LDAP protocol as well as through Powerpoint. Malcolm teaches you some key tricks and gives you examples of how to get the most out of your audits by understanding and utilizing spray attacks, hash extractions, impacket libraries, and brute force attacks.
Skills covered
Active DirectoryPenetration TestingNetwork AdministrationCybersecurityNetwork and System AdministrationMicrosoftDeep Dive (X:Y)
Concepts
0. Introduction
- 01 - Understand and test the security of identity providers
- 02 - What you should know
- 03 - Disclaimer
1. Introduction to Identities
- 04 - Understand Active Directory's role in security
- 05 - The LDAP protocol
- 06 - Interact with LDAP at the command line
- 07 - The LDAPAdmin tool
- 08 - What is Active Directory
- 09 - Interact with Active Directory at the command line
- 10 - Access LDAP services with a GUI client
- 11 - Add users and computers to a domain
- 12 - Active Directory security audit
2. Testing Active Directory
- 13 - Set up for testing
- 14 - Extract the AD hashes
- 15 - Password spraying Active Directory
- 16 - Kerberos brute-forcing attacks
- 17 - Use CrackMapExec to access and enumerate AD
- 18 - Investigate the SYSVOL share
- 19 - Take advantage of legacy data
3. Advanced Penetration Testing
- 20 - Specific Active Directory attacks
- 21 - Remote extraction of AD hashes
- 22 - Carry out a Kerberos roasting
- 23 - Run a no-preauthentication attack
- 24 - Forge a golden ticket
- 25 - Running a shadow attack
- 26 - Using rubeus to take over the domain
- 27 - Relaying attacks to get a certificate
- 28 - Using smartcards to gain privileged access
- 29 - Set the BloodHound loose
Conclusion
- 30 - Next steps
Related courses
- Python: Pen Testing AWS
- Hashcat Essential Training
- Offensive Penetration Testing
- Kali Linux for Advanced Pen Testing and Ethical Hacking
- Android App Security: A Structured Approach to Pen Testing
- Penetration Testing Web Apps with Kali and Burp Suite
- Penetration Testing Essential Training
- Penetration Testing Essential Training (2021)
Related learn paths
- Become a Penetration Tester
- Become an Ethical Hacker
- Prepare for the CompTIA PenTest+ (PT0-001) Exam
- Penetration Testing Professional Certificate
- Prepare for the CompTIA Security+ (SY0-601) Certification Exam
- Become a Web Designer
- The Top Skills Engineering Professionals Have Right Now
- Become a Certified CAD Designer with SOLIDWORKS