Attacking And Defending Active Directory

Explore Active Directory Pentesting: Attack, Defend, and Secure. Master AD Security.

What you'll learn

Concepts Of Active Directory Pentesting

Vulnerability Assessment

Exploitation Techniques

Post-Exploitation Activities

Mitigation and Defense

Hands-On Labs

Requirements

You will learn everything about Active Directory Pentesting no previous knowlege is required.

A Computer or a PC is required

Description

Embark on a cybersecurity journey with our course, "Attacking and Defending Active Directory." This comprehensive program is tailored for both cybersecurity enthusiasts and professionals seeking to master the complexities of Active Directory security. The course kicks off with fundamental topics such as Active Directory basics, authentication processes, and essential PowerShell and file transfer skills.Gain an in-depth understanding of Active Directory structure and components.Explore the intricacies of domains, forests, trust relationships, and organizational units.Learn to identify and assess vulnerabilities within Active Directory configurations.Analyze Group Policy settings and other security parameters for weaknesses.Explore common misconfigurations and security weaknesses in Active Directory.Develop proficiency in exploiting vulnerabilities to gain unauthorized access.Develop strategies for securing and hardening Active Directory environments.Understand best practices for defending against common attack techniques.In the initial stages, participants will build a solid foundation in understanding the structure of Active Directory, exploring its components, organizational units, and trust relationships. The focus then shifts to authentication mechanisms, ensuring a secure environment for user identities and access controls. The course further hones skills in PowerShell and file transfer techniques, providing essential tools for effective penetration testing in a Windows environment.As the journey progresses, participants will delve into the heart of offensive security, learning to breach, enumerate, and exploit vulnerabilities within Active Directory environments. Engaging lectures, hands-on labs, and real-world simulations offer a dynamic learning experience. The course culminates in a comprehensive understanding of lateral movement, pivoting, persistence strategies, and advanced exploitation techniques. Throughout the program, ethical hacking principles and responsible disclosure practices are emphasized, ensuring participants are well-equipped to navigate, assess, and fortify Active Directory environments confidently. Join us in mastering the art of attacking and defending Active Directory—enroll now to elevate your cybersecurity expertise!

Overview

Section 1: Introduction

Lecture 1 Introduction

Section 2: Active Directory Basics

Lecture 2 Active Directory Basics

Lecture 3 Task

Section 3: Active Directory Authentication

Lecture 4 Active directory authentication overview

Lecture 5 Hashing algorithms in windows

Lecture 6 Kerberos basics

Lecture 7 Components of kerberos

Lecture 8 kerberos explanation with diagram

Lecture 9 Difference between NTLM and kerberos authentication

Lecture 10 Group policy in active directory

Lecture 11 Task

Section 4: Active Directrory Pentesting Lab Setup

Lecture 12 Overview of lab setup

Lecture 13 Necessary files for lab setup

Lecture 14 Domain controller installation and setup

Lecture 15 Windows client installation

Lecture 16 Domain Controller configuration

Lecture 17 Joining computers with domain controller

Lecture 18 Clinet machines configuration

Lecture 19 Client machines configurations -2

Section 5: Powershell Basics and File Transfer Basics

Lecture 20 Powershell overview

Lecture 21 Powerhsell commands practical

Lecture 22 File transfer methods overview

Lecture 23 File transfer practical

Section 6: Breaching In Active Directory

Lecture 24 Breaching overview

Lecture 25 OSINT and phishing

Lecture 26 Initial access using web attacks

Lecture 27 LLMNR poisoning overview and mitigations

Lecture 28 LLMNR poisoning practical attack using SMB

Lecture 29 LLMNR poisoning practical attack using WPAD

Lecture 30 SMB relay attack overview and mitigations

Lecture 31 SMB relay attack practical

Lecture 32 AS-REP Roasting overview

Lecture 33 AS-REP Roasting practical attack

Lecture 34 PasswordSpray attack overview

Lecture 35 PasswordSpray attack practical

Lecture 36 More methods of initial access on AD

Lecture 37 Breaching mitigations

Section 7: Enumeration In Active Directory

Lecture 38 Enumeration in active directory overview

Lecture 39 Enumeration using powershell native commands

Lecture 40 PowerView overview

Lecture 41 PowerView - 1

Lecture 42 Lab Update

Lecture 43 PowerView - 2

Lecture 44 PowerView - 3

Lecture 45 BloodHound overview

Lecture 46 BloodHound Practical

Lecture 47 AD lab troubleshooting

Lecture 48 Task

Section 8: Lateral Movement In Active Directory

Lecture 49 Lateral movement overview

Lecture 50 Pass-the-hash attack overview and mitigations

Lecture 51 Pass-the-hash attack practical

Lecture 52 Pass-the-ticket overview

Lecture 53 Pass-the-ticket attack practical

Lecture 54 Overpass-the-hash overview

Lecture 55 Overpass-the-hash attack practical

Lecture 56 RDP Hijacking overview

Lecture 57 RDP Hijacking attack practical

Lecture 58 Task

Section 9: Pivoting

Lecture 59 Pivoting intro

Lecture 60 Lab setup overview

Lecture 61 Chisel intro

Lecture 62 Pivoting practical

Section 10: Exploitation In Active Directory

Lecture 63 Exploitation overview

Lecture 64 Kerberosting overview

Lecture 65 kerberosting Practical

Lecture 66 Exploiting permission delegation overview #1

Lecture 67 Exploiting permission delegation practical #1

Lecture 68 Exploiting permission delegation overview #2

Lecture 69 Exploiting permission delegation practical #2

Lecture 70 Group memebership abuse overview #1

Lecture 71 Group memebership abuse practical #1

Lecture 72 Group memebership abuse overview #2

Lecture 73 Group memebership abuse practical #2

Lecture 74 More on group membership abuse

Lecture 75 GPO abuse overview

Lecture 76 GPO abuse practical

Lecture 77 Extracting logged on admins hashes

Lecture 78 Printnightmare attack overview

Lecture 79 Printnightmare attack practical

Lecture 80 Zerologgon attack overview

Lecture 81 Zerologgon attack practical

Lecture 82 Keberos delegation overview

Lecture 83 Task

Section 11: Persistance In Active Directory

Lecture 84 Persistance overview

Lecture 85 Golden and silver ticket attack overview and mitigations

Lecture 86 Golden and silver ticket attack practical

Lecture 87 Diamond ticket attack overview

Lecture 88 Diamond ticket attack practical

Lecture 89 DCSync overview

Lecture 90 DCSync attack practical

Lecture 91 DSRM abuse overview

Lecture 92 DSRM Abuse practical

Lecture 93 GPO for persistance

Lecture 94 Task

Section 12: Bonus Lecture

Lecture 95 Bonus lecture

Ethical hackers,Red Teamers,Penetration Testers