02-02-2024, 11:48 AM
Published 2/2024
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 10.69 GB | Duration: 14h 41m
Learn How to Build And Attack Advanced Active Directory Red Team Penetration Testing Lab
[b]What you'll learn[/b]
Student will learn how to build active directory lab create forests and trust between forests
Learn how to enumerate information from Active Directory, including users, groups, computers, and trust relationships. Understand the importance of information
Learn how to abuse some active directory intended functionality to established foothold and escalate privilege
Identify common attack vectors in Active Directory, such as misconfigurations, weak passwords, and insecure group memberships. Understand how attackers exploit
Understand the importance of reconnaissance in penetration testing. Learn to use tools for AD reconnaissance, such as BloodHound and PowerView.
Explore common vulnerabilities in Active Directory, such as pass-the-hash attacks, Kerberoasting, and DCSync attacks.
Understand post-exploitation activities, including lateral movement and privilege escalation.
Understand the concept of trusts in Active Directory and how they can be exploited
Learn about common trust-based attacks, such as Golden Ticket attacks.
[b]Requirements[/b]
Basic knowledge of Ethical Hacking
Willingness to Learn
Computer with minimum of 16 of RAM and 300 GB of HDD space corei5
[b]Description[/b]
Understanding Windows Active Directory is an invaluable skill for security professionals for several compelling reasons1 Critical Infrastructure: Active Directory is a critical component in most Windows-based networks, serving as the backbone for authentication, authorization, and resource management. Penetrating Active Directory can lead to unauthorized access to sensitive information, making it a prime target for attackers. Understanding how to test and secure it is essential for protecting overall network security.2 Common Attack Vector: Active Directory is a common target for attackers attempting to compromise an organization's network. Knowing how to conduct penetration testing allows security professionals to identify and address vulnerabilities before malicious actors can exploit them.3 Risk Mitigation: By proactively testing Active Directory, security professionals can identify and mitigate potential risks and vulnerabilities. This proactive approach is essential for preventing security incidents and data breaches.4 Career Advancement: For individuals pursuing a career in cybersecurity, having expertise in Active Directory penetration testing is a valuable skill. Employers often seek professionals who can assess and enhance the security of critical infrastructure components like Active Directory.Red Team Operations: Active Directory penetration testing is a fundamental skill for red team operations. Red teams simulate real-world attacks to test an organization's defenses, and a strong understanding of Active Directory is essential for effective red teaming.In summary, learning Active Directory penetration testing is important for enhancing cybersecurity, preventing unauthorized access, meeting compliance requirements, and staying ahead of evolving cyber threats. It equips security professionals with the skills needed to protect critical IT infrastructure and respond effectively to security challenges.
Overview
Section 1: Introduction
Lecture 1 Introduction to Active Directory
Lecture 2 Lab Setup Overview
Section 2: Lab Setup
Lecture 3 Creating VMs and Downloading Evaluation Copies of Windows Servers and Clients
Lecture 4 Installing Windows Server 2019 as root Domain
Lecture 5 Installing AD-DS on ROOT-DC01
Lecture 6 Installing and Configuring Sql Server on ROOT-DC01
Lecture 7 Installing and Configuring the Child Domain
Lecture 8 Installing TRUSTED-DC03 for Forest Trust
Lecture 9 Installing and Configuring Sql Server on TRUSTED-DC03
Lecture 10 Installing and Configuring WIndows 10 Client Machine
Lecture 11 Building Metasploitable3 on Windows Server 2008
Lecture 12 Configuring Trust Relationship between Forests
Lecture 13 Creating Domain Users
Lecture 14 Creating Groups and GPO
Lecture 15 Foreign Group Membership Configuration
Lecture 16 Creating Mssql Server logins, Databases and login Impersonation
Section 3: Tools Installation
Lecture 17 Installing Remote Server management Tool (RSAT)
Section 4: Enumeration Using RSAT
Lecture 18 DC Enumeration with RSAT
Lecture 19 Domain Users Enumeration with RSAT
Lecture 20 Domain Groups Enumeration with RSAT
Lecture 21 Domain Computers Enumeration with RSAT
Lecture 22 Trusts Enumeration with RSAT
Section 5: Enumeration Using PowerView
Lecture 23 Getting PowerView
Lecture 24 DC Enumeration with PowerView
Lecture 25 Domain Users Enumeration with PowerView
Lecture 26 Domain Groups Enumeration with PowerView
Lecture 27 Domain Computers Enumeration with PowerView
Lecture 28 Trusts Enumeration with PowerView
Section 6: BloodHound
Lecture 29 Enumerating Users, Groups, ACLs, Computers with BloodHound
Section 7: Local Privilege Escalation
Lecture 30 Hunting for User's local admin right
Lecture 31 Exploiting mssql server impersonation to Escalate local Privilege
Section 8: Domain Privilege Escalation
Lecture 32 Kerberoasting with Rubeus
Lecture 33 DCSYNC
Lecture 34 Kerberos Unconstrained Delegation - Rubeus
Lecture 35 Kerberos Unconstrained Delegation - PrinterBug
Lecture 36 Kerberos Constrained Delegation
Lecture 37 Resource-Based Constrained Delegation Part 1
Lecture 38 Resource-Based Constrained Delegation Part 2
Lecture 39 Domain Privilege Escalation with Inveigh
Lecture 40 Domain Privilege Escalation - Bruteforcing Mssql Server
Lecture 41 Domain Privilege Escalation - Trustworthy Databases Part 1
Lecture 42 Domain Privilege Escalation - Trustworthy Databases Part 2
Section 9: Cross-Forest Trust Attack
Lecture 43 Enumerating Cross-Forest Users and Groups
Lecture 44 Cross-Forest ASRepRoasting
Lecture 45 Cross-Forest Kerberoasting
Lecture 46 ACL Attack Chain
Lecture 47 Foreign Group Membership Attack
Section 10: Domain Trusts - Child -> Parent Trusts
Lecture 48 Password Spray Admin Password reuse case
Lecture 49 DA to EA ExtraSIDs Attack
Section 11: Active Directory Persistence
Lecture 50 Golden Ticket
Lecture 51 Silver Ticket
Lecture 52 AdminSDHolder OverView
Lecture 53 AdminSDHolder and ACL Attack
Students who want tp become an Active Directory Pentesting Expert,Student Intending to sit for OSCP Exam,Students who want to know how build and Exploit Active Directory Lab
Homepage