Skip to content
Cyberforce Academy
  • Home
  • Academy
  • Playground
  • Login
  • Profile
  • Logout
  • Home
  • Training

Active Directory Attacks

Curriculum

  • 10 Sections
  • 25 Lessons
  • Lifetime
Expand all sectionsCollapse all sections
  • Introduction
    1
    • 1.1
      Introduction
  • Lab Access
    1
    • 2.1
      Lab Access
  • Module 1: Enumeration
    5
    • 3.1
      Host Discovery
    • 3.2
      Service Discovery
    • 3.3
      User enumeration over LDAP
    • 3.4
      Enumeration using CMD and Powershell
    • 3.5
      BloodHound
  • Module 2: LLMNR Poisoning
    2
    • 4.1
      LLMNR/NBT-NS Poisoning
    • 4.2
      Cracking NTLMv2 Hashes with Hashcat
  • Module 3: NTLM/SMB Relay
    3
    • 5.1
      SMB Relay
    • 5.2
      Dump SAM hashes via Relay attack
    • 5.3
      Shell Access
  • Module 4: Pass-the-Hash
    2
    • 6.1
      PtH with Impacket
    • 6.2
      PtH with CrackMapExec / NetExec
  • Module 5: Lateral Movement
    4
    • 7.1
      Lateral Movement with CrackMapExec / NetExec
    • 7.2
      Lateral Movement with Impacket
    • 7.3
      PSRemoting
    • 7.4
      Lateral movement via RDP
  • Module 6: Privilege Escalation
    4
    • 8.1
      Kerberoasting
    • 8.2
      ACL Abuse
    • 8.3
      Unconstrained Delegation
    • 8.4
      AD CS Attacks
  • Module 7: Domain Persistence
    1
    • 9.1
      Forging a Golden Ticket
  • Module 8: Domain Compromise
    2
    • 10.1
      Dump NTDS.dit
    • 10.2
      Cross-Trust Attacks
This content is protected, please login and enroll in the course to view this content!
Introduction
Prev
Host Discovery
Next
Designed by Nasio Themes || Powered by WordPress