Skip to content
Cyberforce Academy
  • Home
  • Academy
  • Playground
  • Login
  • Profile
  • Logout
  • Home
  • Training

Active Directory Attacks

Curriculum

  • 10 Sections
  • 25 Lessons
  • Lifetime
Expand all sectionsCollapse all sections
  • Introduction
    1
    • 1.1
      Introduction
  • Lab Access
    1
    • 2.1
      Lab Access
  • Module 1: Enumeration
    5
    • 3.1
      Host Discovery
    • 3.2
      Service Discovery
    • 3.3
      User enumeration over LDAP
    • 3.4
      Enumeration using CMD and Powershell
    • 3.5
      BloodHound
  • Module 2: LLMNR Poisoning
    2
    • 4.1
      LLMNR/NBT-NS Poisoning
    • 4.2
      Cracking NTLMv2 Hashes with Hashcat
  • Module 3: NTLM/SMB Relay
    3
    • 5.1
      SMB Relay
    • 5.2
      Dump SAM hashes via Relay attack
    • 5.3
      Shell Access
  • Module 4: Pass-the-Hash
    2
    • 6.1
      PtH with Impacket
    • 6.2
      PtH with CrackMapExec / NetExec
  • Module 5: Lateral Movement
    4
    • 7.1
      Lateral Movement with CrackMapExec / NetExec
    • 7.2
      Lateral Movement with Impacket
    • 7.3
      PSRemoting
    • 7.4
      Lateral movement via RDP
  • Module 6: Privilege Escalation
    4
    • 8.1
      Kerberoasting
    • 8.2
      ACL Abuse
    • 8.3
      Unconstrained Delegation
    • 8.4
      AD CS Attacks
  • Module 7: Domain Persistence
    1
    • 9.1
      Forging a Golden Ticket
  • Module 8: Domain Compromise
    2
    • 10.1
      Dump NTDS.dit
    • 10.2
      Cross-Trust Attacks
This content is protected, please login and enroll in the course to view this content!
Lateral Movement with Impacket
Prev
Lateral movement via RDP
Next
Designed by Nasio Themes || Powered by WordPress