Attacking Active Directory with Advanced Techniques With Lab

سرفصل های دوره

Attacking Active Directory Advanced - Red Team Hacking

1. Building the Lab

1.1 Install VirtualBox & Vagrant.html

1. Install VirtualBox & Vagrant

2.1 Install git and HomeLab Setup.html

2. Install git and HomeLab Setup

3.1 Ansible Install & Playbook.html

3. Ansible Install

4.1 Setup Ubuntu Server 22.04.html

4. Setup Ubuntu Server RDP PArt 1

5.1 Setup Ubuntu Server 22.04.html

5. Setup Ubuntu Server RDP PArt 2

6.1 vagrant.html

6. Vagrant Up

7.1 vagrant.html

7. Vagrant Commands

8.1 ansible playbook.html

8. Ansible Playbook

9.1 Install VPN Server PrintUNL.html

9. VPN Setup - Part 1

10.1 Install VPN Server PrintUNL.html

10. VPN Setup - Part 2

11. Adding Parrot OS or Kali Linux

2. Reconnaissance

1.1 Good Read on Anonymously Binding or Quering LDAP and how to stop it ).html

1. Anonymously Quering or Binding LDAP To Enumerate Active Directory

2.1 All the commands are located here.html

2. Enumerate Users Anonymously - CME

3.1 All the commands for this video are located here.html

3. Enumerate Users Anonymously - RPC

4.1 All the commands for this video are located here.html

4. Enumerate Users Anonymously - enum4linux

5.1 All the commands are located here.html

5. Enumerate Guest Access on Shares - CME

3. Exploiting With Poison and Relay

1.1 All the commands are located here.html

1. I love Responder

2. The importance of SMB signing.html

3.1 All Commands are located here.html

3. responder + ntlmrelayx + proxychain = SAM Database DUMP

4.1 All the commands are located here.html

4. Socks Relay to Dump lsassy

5.1 All the commands are located here.html

5. responder + ntlmrelayx + proxychain + DonPapi & wmiexec.py

6.1 All the commands are located here.html

6. Pass-The-Hash - wmiexec.py

7.1 All the commands are located here.html

7. Pass-The-Hash - Evil-WinRm

8.1 All the commands are located here.html

8. Pass the Hash with CrackMapExec

9.1 All the commands are located here.html

9. Coerced auth smb + ntlmrelayx to ldaps with drop the mic

4. User Enumeration Exploits

1.1 All the commands are located here.html

1. Exploiting Username - ASREP

2.1 All the commands are located here.html

2. Password Spray

3.1 All the commands are located here.html

3. User listing with GetADUsers and ldapsearch

4.1 All the commands are located here.html

4. Kerberoasting User Accounts

5.1 All the commands are located here.html

5. Setting Up PowerView

6.1 All the commands for this video are located here.html

6. Get-NetUser

7.1 All the commands are located here.html

7. Get-NetGroup

8.1 All the commands are located here.html

8. Get-NetComputer

9.1 All the commands are located here.html

9. Invoke-ShareFinder

10.1 All the commands are located here.html

10. Get-NetGPO

11.1 All the commands are located here.html

11. Get-ObjectAcl

12.1 All the commands are located here.html

12. Get-NetDomainTrust

13. PowerView Bible.html

5. Exploiting Servers

1.1 All the commands are located here.html

1. NoPac Exploit From Linux With NoPAC.py

2.1 All the commands are located here.html

2. NoPac Exploit From Windows With NoPAC.exe

3.1 All the commands are located here.html

3. PrintNightmare - BRONX

4.1 All the commands are located here.html

4. PrintNightmare - BALTIMORE$

5.1 All the commands are located here.html

5. Constrained Delegation With Protocol Transition - UserElena.Lopexz

6.1 All the commands are located here.html

6. Constrained Delegation Without Protocol Transition - ServerYonkers$

7.1 All the commands are located here.html

7. Resource Based Constrained Delegation - ServerNYC$

8.1 All the commands are located here.html

8. Enumerate Trust

9.1 All the commands are located here.html

9. Foreign group and users

10.1 All the commands are located here.html

10. IIS - Webshell

11.1 All the commands are located here.html

11. Getting a Better Shell

12.1 All the commands are located here.html

12. SeImpersonatePrivilege With Invoke-BadPotato.ps1

6. Metasploit

1.1 All the commands are located here.html

1. Enumeration 1 - Users, Groups, Computers

2.1 All the commands are located here.html

2. Enumeration 2 - Arp, Tokens, Patches

3.1 All the commands are located here.html

3. Enumeration 3 - Shares, SMB, and More

4.1 All the commands are located here.html

4. Back Door Add User

5.1 All the commands are located here.html

5. HashDump With Metasploit

6.1 All the commands are located here.html

6. Lateral Movement With Metasploit

7.1 All the commands are located here.html

7. DsSync With Metasploit from NT AutoritySystem to Administrator

8.1 All the commands are located here.html

8. Golden Ticket with Metasploit

9.1 All the commands are located here.html

9. BackDoor Meterpreter Service

7. BloodHound

1.1 All the commands are located here.html

1. Blooodhound & Neo4j Install

2.1 All the commands are located here.html

2. Hunting with bloodhound Collector

8. Active Directory Certificate Services (ADCS)

1.1 All the commands are located here.html

1. ADCS reconnaissance and enumeration (with certipy and bloodhound)

2.1 All the commands are located here.html

2. coerce to domain admin with petitpotam - ESC8

3.1 All the commands are located here.html

3. coerce to domain admin with certipy- ESC8

4.1 All the commands are located here.html

4. ADCS Exploitation with certipy - ESC1

5.1 All the commands are located here.html

5. ADCS Exploitation with certipy - ESC2 & ESC3

6.1 All the commands are located here.html

6. ADCS Exploitation with certipy - ESC4

7.1 All the commands are located here.html

7. ADCS Exploitation with certipy - ESC6

8.1 All the commands are located here.html

8. Certifried with certipy - CVE-202226923

9.1 All the commands are located here.html

9. Shadow Credentials with certipy

9. User ACL Exploits

1.1 All the commands are located here.html

1. Recon ACL with BloodHound

2.1 All the commands are located here.html

2. ForceChangePassword

3.1 All the commands are located here.html

3. GenericWrite - (Target Kerberoasting)

4.1 All the commands are located here.html

4. WriteDacl on User

5.1 All the commands are located here.html

5. Add self on Group

6.1 All the commands are located here.html

6. AddMember on Group

7.1 All the commands are located here.html

7. WriteOwner on Group

8.1 All the commands are located here.html

8. Generic all on user

9.1 All the commands are located here.html

9. GPO abuse

10.1 All the commands are located here.html

10. LAPS Read Password Abuse

10. MSSQL servers Exploitation

1.1 All the commands are located here.html

1. Enumerate MSSQL servers with GetUserSPNs & NMAP

2.1 All the commands for this video are located here.html

2. Enumerate MSSQL servers with CrackMapExec and Impacket

3.1 All the commands are located here.html

3. Exploiting MSSQL - impersonate - execute as login

4.1 All the commands are located here.html

4. Exploiting MSSQL - Coerce and relay

5.1 All the commands are located here.html

5. Exploiting MSSQL - trusted links

6.1 All the commands are located here.html

6. Exploiting MSSQL - Command execution to shell - Yonkers

7.1 All the commands are located here.html

7. Exploiting MSSQL - Command execution to shell - Salisbury

45,900 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: Udemy