Maximilian Birnbacher edited this page May 1, 2024 · 2 revisions

Welcome to the ADPentesting101 wiki!

The wiki includes guides for almost all stages (the ones I thought I would need) of a typical AD pentest you could encounter during an exam or even in the wild.

Here is a simple breakdown of how to pentest an AD:

  1. Reconnaissance: Detecting a DC in the Network
  2. Find users, shares, etc.: Enumeration
  3. Breach first user account: Password Spray
  4. Get Windows machine in domain: Domain Join
  5. Disable AV: AMSI Bypass
  6. More reconnaissance: Creating an Attack Path
  7. Elevate privileges (WIP)
  8. Dump hashes with the required rights: Dumping Hashes
  9. Access privileged account without password: PtH, PtT
  10. Actions on objective

OR

  1. Get desired user
  2. Good old DCSync: DCSync Attack

OR

  1. Kerberoasting (WIP)

OR

  1. Credential Theft Shuffle (external): Attack Methods for Gaining Domain Admin Rights in Active Directory