
• This cheat sheet describes specific techniques used to attack Windows Active Directory. The material is continuously updated and kept current by the author. Be sure to bookmark it and use it in practice:
• Pre-requisites;
• PowerShell AMSI Bypass;
• PowerShell Bypass Execution Policy;
• Evasion and obfuscation with PowerShellArmoury;
• Windows Defender;
• Remote Desktop;
– Enable Remote Desktop;
– Login with remote desktop;
– Login with remote desktop with folder sharing;
• Enumeration;
– Users Enumeration;
– Domain Admins Enumeration;
– Computers Enumeration;
– Groups and Members Enumeration;
– Shares Enumeration;
– OUI and GPO Enumeration;
– ACLs Enumeration;
– Domain Trust Mapping;
– Domain Forest Enumeration;
– User Hunting;
– Enumeration with BloodHound;
– Gui-graph Queries;
– Console Queries;
• Local Privilege Escalation;
• Lateral Movement;
• Persistence;
– Golden Ticket;
– Silver Ticket;
– Skeleton Key;
– DCSync;
• Privilege Escalation;
– Kerberoast;
– Targeted Kerberoasting AS REPs;
– Targeted Kerberoasting Set SPN;
– Kerberos Delegation;
– Unconstrained Delegation;
– Printer Bug;
– Constrained Delegation;
– Child to Parent using Trust Tickets;
– Child to Parent using Krbtgt Hash;
– Across Forest using Trust Tickets;
– GenericAll Abused;
• Trust Abuse MSSQL Servers;
• Forest Persistence DCShadow.
