Awesome
Active Directory Penetration Testing and Security
Resources for AD penetration testing and security
Videos by yours truly
Setup Domain Controller and Active Directory For Penetration Testing https://www.youtube.com/watch?v=j5AI-BKXmCw
Create and configure domain accounts for multiple password attacks https://www.youtube.com/watch?v=MigPswiQFOg
Kerberos AS-REP Roasting with HTB Sauna https://www.youtube.com/watch?v=3GvcfQSOj5E
More coming soon...
Pentest/Red Team General
https://zer1t0.gitlab.io/posts/attacking_ad/
https://gist.github.com/jivoi/c354eaaf3019352ce32522f916c03d70
https://lolbas-project.github.io/
https://adsecurity.org/?p=2362
General Active Directory Concepts
https://adsecurity.org/?p=2288
Active Directory Enumeration
http://woshub.com/get-aduser-getting-active-directory-users-data-via-powershell/
http://www.harmj0y.net/blog/redteaming/local-group-enumeration/
https://www.sans.org/security-resources/posters/bloodhound-cheat-sheet/430/download
Authentication Attacks
NTLM
https://www.crowdstrike.com/cybersecurity-101/ntlm-windows-new-technology-lan-manager/
Kerberos Attacks
https://blog.redforce.io/windows-authentication-attacks-part-2-kerberos/
https://stealthbits.com/blog/what-is-kerberos/
http://www.harmj0y.net/blog/activedirectory/roasting-as-reps/
https://m0chan.github.io/2019/07/31/How-To-Attack-Kerberos-101.html
https://stealthbits.com/blog/how-to-detect-pass-the-ticket-attacks/
https://book.hacktricks.xyz/windows/active-directory-methodology/over-pass-the-hash-pass-the-key
Password Spraying
https://github.com/dafthack/DomainPasswordSpray
https://medium.com/walmartglobaltech/windows-for-loop-password-spraying-made-easy-c8cd4ebb86b5
Mimikatz
https://ivanitlearning.wordpress.com/2019/09/07/mimikatz-and-password-dumps/
https://en.hackndo.com/remote-lsass-dump-passwords/#mimikatz-module
https://www.hackingarticles.in/powershell-empire-for-pentester-mimikatz-module/
Lateral Movement
https://posts.specterops.io/offensive-lateral-movement-1744ae62b14f
https://blog.ropnop.com/using-credentials-to-own-windows-boxes-part-3-wmi-and-winrm/
ACLs
Lab Setup
https://github.com/WazeHell/vulnerable-AD
https://thedarksource.com/setting-up-an-active-directory-lab-for-red-teaming/