Active Directory Exploitation and Lateral Movement Black-Box

سرفصل های دوره

Exploiting Kerberos Delegations, Forest Trusts, SQL Server, ACLs, Excessive Users and Groups privilege and Many more

1. Creating Active Directory Penetration Testing Lab

1. OverView

2. Creating VMs and Downloading Evaluation Copies of Windows Servers and Clients

3. Installing Windows Server 2019 as root Domain

4. Installing AD-DS on ROOT-DC01

5. Installing and Configuring Sql Server on ROOT-DC01

6. Installing and Configuring the Child Domain

7. Installing TRUSTED-DC03 for Forest Trust

8. Installing and Configuring Sql Server on TRUSTED-DC03

9. Installing and Configuring WIndows 10 Client Machine

10. Installing windows server 2016 as DMZ-SRV

11. Installing and Configuring Sql Server on DMZ-SRV

12. Installing Windows Server 2008 as File Server

13. Configuring Trust Relationship between Forests

14. Creating Domain Users

15. Creating Groups and GPO

16. Foreign Group Membership Configuration

17. Creating Mssql Server logins, Databases and login Impersonation

2. External Enumeration

1.1 Active Directory Exploitation and Lateral BlackBox Approach.pdf

1. Ports Scanning with Nmap

2. SMB null session enum with smbclient,smbmap nbtscan , rpcclient and Nmap

3. Bruteforcing Mssql Server with Nmap

4. Bruteforcing Mssql Server with hydra

5. Bruteforcing Mssql Server with Metasploit

6. Bruteforcing Mssql Server with Crackmapexec

3. Code Execution and Initial Enumeration

1. Code Execution with with Crackmapexec using Sql Server sa Credential

2. Uploading SharpView.exe to the DMZ Server using Cracmapexec

3. Domain Enumeration with Sharpview.exe

4. Getting Foothold Using Crackmapexec with Mssql Credential

5. Getting Foothold Using Impacket with Mssql Credential

4. Post Exploitation

1. Dumping System Secrets with mimikatz

2. Port forwarding with netsh windows native tool

3. Pivoting with chisel and proxychains

5. Internal Domain Enumeration with PowerView Python

1. Domain Users Enumeration with PowerView Python

2. Domain Groups Enumeration with PowerView Python

3. Domain Computers Enumeration with PowerView Python

4. Forest trust enumeration with PowerView Python

6. Internal Domain enumeration with CrackMapExec

1. Domain Users, Groups, Computers and Shares Enumeration with CrackMapExec

7. Domain Enumeration with Windapsearch

1. Domain Users, Groups and Computer enumeration with Windapsearch

8. Domain Enumeration with rpcclient

1. Domain Users, Groups and Computers Enumeration with rcpclient

9. Domain Enumeration with BloodHound

1. Domain Enumeration with Bloodhound

10. Domain Privilege Escalation

1. ASREProasting with impacket

2. Kerberoasting with impacket

3. ASREProasting with CrackMapExec

4. Kerberoasting with CrackMapExec

5. DCSync with CracMapExec and Impacket

6. Computer Unconstrained delegation

7. Computer Unconstrained Delegation - Printer Bug

8. Computer Constrained Delegation with impacket

9. Resource-Based Constrained Delegation with impacket

10. Link-local multicast name resolution (LLMNR Poisoning) exploiting with responder

11. Domain PrivEsc Mssql server-CrackMapExec

1. Exploiting SQL Impersonation from public role to sysadmin role with CrackMapexec

2. Little about CrackMapExec Database

12. Domain PrivEsc Mssql server - Impacket

1. Exploiting SQL Server Nested impersonation with Impacket

13. Pass the Hash Lateral Movement

1. Pass the hash (Pth) with CrackMapExec, Impacket, Evil-winrm and xfreerdp

14. Cross-Forest Trust Attack

1. Cross-Forest Trust AsReproasting

2. Cross-Forest Trust Kerberoasting

3. Foreign Group Membership Enumeration

4. Foreign Group Membership Attack

15. Cross-Forest Trust SQL Server Trustworthy Database Attack

1. Cross-Forest Privilege Escalation Trustworthy database, with PowerUPSQL

16. Attacking Domain Trusts - Child - Parent Trusts

1. Domain Privilege Escalation from DA of Child Domain to EA domain with Powershell

2. Domain Privilege Escalation from DA of Child Domain to EA domain Impacket

17. Active Directory Persistence

1. Golden Ticket with Impacket

2. Silver Ticket with Impacket

3. AdminSDHolder Overview

4. ACL Attack ForceChangePassword

5. ACL Attack GenericWrite

6. AdminSDHolder ACL Attack

179,000 تومان

افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: Udemy