Attacking And Defending Active Directory: AD Pentesting
- Description
- Curriculum
- FAQ
- Reviews
Embark on a cybersecurity journey with our course, “Attacking and Defending Active Directory.” This comprehensive program is tailored for both cybersecurity enthusiasts and professionals seeking to master the complexities of Active Directory security and Active Directory Pentesting.
The course kicks off with fundamental topics such as Active Directory basics, authentication processes, and essential PowerShell and file transfer skills.
-
Gain an in-depth understanding of Active Directory structure and components.
-
Explore the intricacies of domains, forests, trust relationships, and organizational units.
-
Learn to identify and assess vulnerabilities within Active Directory configurations.
-
Analyze Group Policy settings and other security parameters for weaknesses.
-
Explore common misconfigurations and security weaknesses in Active Directory.
-
Develop proficiency in exploiting vulnerabilities to gain unauthorized access.
-
Develop strategies for securing and hardening Active Directory environments.
-
Understand best practices for defending against common attack techniques.
In the initial stages, participants will build a solid foundation in understanding the structure of Active Directory, exploring its components, organizational units, and trust relationships. The focus then shifts to authentication mechanisms, ensuring a secure environment for user identities and access controls. The course further hones skills in PowerShell and file transfer techniques, providing essential tools for effective penetration testing in a Windows environment for Active Directory Pentesting.
As the journey progresses, participants will delve into the heart of offensive security, learning to breach, enumerate, and exploit vulnerabilities within Active Directory environments. Engaging lectures, hands-on labs, and real-world simulations offer a dynamic learning experience. The course culminates in a comprehensive understanding of lateral movement, pivoting, persistence strategies, and advanced exploitation techniques. Throughout the program, ethical hacking principles and responsible disclosure practices are emphasized, ensuring participants are well-equipped to navigate, assess, and fortify Active Directory environments confidently.
Join us in mastering the art of attacking and defending Active Directory—enroll now to elevate your cybersecurity expertise in Active Directory Pentesting!
Course Curriculum:
-
Introduction
-
Introduction
-
-
Active Directory Basics
-
Active Directory Basics
-
Task
-
Quiz
-
-
Active Directory Authentication
-
Active Directory Authentication Overview
-
Hashing algorithms in windows
-
Kerberos basics
-
Components of kerberos
-
kerberos explanation with diagram
-
kerberos explanation with diagram
-
Group policy in active directory
-
Task
-
Quiz
-
-
Active Directory Pentesting Lab setup
-
Overview of lab setup
-
Necessary files for lab setup
-
Domain controller installation and setup
-
Windows client installation
-
Domain Controller configuration
-
Joining computers with domain controller
-
Client machines configuration
-
Client machines configurations -2
-
-
Powershell Basics and file transfer basics
-
Powershell overview
-
Powerhsell commands practical
-
File transfer methods overview
-
File transfer practical
-
Quiz
-
-
Breaching In Active Directory Pentesting
-
Breaching overview
-
OSINT and phishing
-
Initial access using web attacks
-
LLMNR poisoning overview and mitigations
-
LLMNR poisoning practical attack using SMB
-
LLMNR poisoning practical attack using WPAD
-
SMB relay attack overview and mitigations
-
SMB relay attack practical
-
AS-REP Roasting overview
-
AS-REP Roasting practical attack
-
PasswordSpray attack overview
-
PasswordSpray attack practical
-
More methods of initial access on AD
-
Breaching mitigations
-
Quiz
-
-
Enumeration In Active Directory Pentesting
-
Enumeration in active directory overview
-
Enumeration using powershell native commands
-
PowerView overview
-
PowerView – 1
-
Lab Update
-
PowerView – 2
-
PowerView – 3
-
BloodHound overview
-
BloodHound Practical
-
AD lab troubleshooting
-
Task
-
Quiz
-
-
Lateral Movement in Active Directory Pentesting
-
Lateral movement overview
-
Pass-the-hash attack overview and mitigations
-
Pass-the-hash attack practical
-
Pass-the-ticket overview
-
Pass-the-ticket attack practical
-
Overpass-the-hash overview
-
Overpass-the-hash attack practical
-
RDP Hijacking overview
-
RDP Hijacking attack practical
-
Task
-
Quiz
-
-
Pivoting In Active Directory Pentesting
-
Pivoting intro
-
Lab setup overview
-
Chisel intro
-
Pivoting practical
-
Quiz
-
-
Exploitation In Active Directory Pentesting
-
Exploitation overview
-
Kerberosting overview
-
kerberosting Practical
-
Exploiting permission delegation overview #1
-
Exploiting permission delegation practical #1
-
Exploiting permission delegation overview #2
-
Exploiting permission delegation practical #2
-
Group memebership abuse overview #1
-
Group memebership abuse practical #1
-
Group memebership abuse overview #2
-
Group memebership abuse practical #2
-
More on group membership abuse
-
GPO abuse overview
-
GPO abuse practical
-
Extracting logged on admins hashes
-
Printnightmare attack overview
-
Printnightmare attack practical
-
Zerologgon attack overview
-
Zerologgon attack practical
-
Keberos delegation overview
-
Task
-
Quiz
-
-
Persistence In Active Directory Pentesting
-
Persistance overview
-
Golden and silver ticket attack overview and mitigations
-
Golden and silver ticket attack practical
-
Diamond ticket attack overview
-
Diamond ticket attack practical
-
DCSync overview
-
DCSync attack practical
-
DSRM abuse overview
-
DSRM Abuse practical
-
GPO for persistance
-
Task
-
Quiz
-
-
Bonus Lecture
-
Bonus lecture
-
Thank You,
Vivek Pandit
-
5Active Directory authentication overviewVideo lesson
-
6Hashing algorithms in windowsVideo lesson
-
7Kerberos basicsVideo lesson
-
8Components of kerberosVideo lesson
-
9Kerberos explanation with diagramVideo lesson
-
10Difference between NTLM and kerberos authenticationVideo lesson
-
11Group policy in active directoryVideo lesson
-
12TaskVideo lesson
-
13QuizQuiz
-
14Overview of lab setupVideo lesson
-
15Necessary files for lab setupVideo lesson
-
16Domain controller installation and setupVideo lesson
-
17Windows client installationVideo lesson
-
18Domain Controller configurationVideo lesson
-
19Joining computers with domain controllerVideo lesson
-
20Client machines configurationVideo lesson
-
21Client machines configurations -2Video lesson
-
27Breaching overviewVideo lesson
-
28OSINT and phishingVideo lesson
-
29Initial access using web attacksVideo lesson
-
30LLMNR poisoning overview and mitigationsVideo lesson
-
31LLMNR poisoning practical attack using SMBVideo lesson
-
32LLMNR poisoning practical attack using WPADVideo lesson
-
33SMB relay attack overview and mitigationsVideo lesson
-
34SMB relay attack practicalVideo lesson
-
35AS-REP Roasting overviewVideo lesson
-
36AS-REP Roasting practical attackVideo lesson
-
37PasswordSpray attack overviewVideo lesson
-
38PasswordSpray attack practicalVideo lesson
-
39More methods of initial access on ADVideo lesson
-
40Breaching mitigationsVideo lesson
-
41QuizQuiz
-
42Enumeration in active directory overviewVideo lesson
-
43Enumeration using powershell native commandsVideo lesson
-
44PowerView overviewVideo lesson
-
45PowerView - 1Video lesson
-
46Lab UpdateVideo lesson
-
47PowerView - 2Video lesson
-
48PowerView - 3Video lesson
-
49BloodHound overviewVideo lesson
-
50BloodHound PracticalVideo lesson
-
51AD lab troubleshootingVideo lesson
-
52TaskVideo lesson
-
53QuizQuiz
-
54Lateral movement overviewVideo lesson
-
55Pass-the-hash attack overview and mitigationsVideo lesson
-
56Pass-the-hash attack practicalVideo lesson
-
57Pass-the-ticket overviewVideo lesson
-
58Pass-the-ticket attack practicalVideo lesson
-
59Overpass-the-hash overviewVideo lesson
-
60Overpass-the-hash attack practicalVideo lesson
-
61RDP Hijacking overviewVideo lesson
-
62RDP Hijacking attack practicalVideo lesson
-
63TaskVideo lesson
-
64QuizQuiz
External Links May Contain Affiliate Links read more