Skip to content
Cyberforce Academy
Home
What is Pentesting?
Our Services
Playground
Academy
TactixC2
Login
My Profile
Home
Training
Active Directory Attacks
Curriculum
16 Sections
44 Lessons
Lifetime
Expand all sections
Collapse all sections
Introduction
2
1.1
Introduction
1.2
The Active Directory Kill Chain
Lab Access
1
2.1
Complete Lab Setup with Terraform
Module 1: Enumeration
3
3.1
Host Discovery
3.2
Service Discovery
3.3
User enumeration over LDAP
Module 2: Breached Credentials
4
4.1
Assumed Breach
4.2
OSINT
4.3
Brute Forcing Passwords
4.4
Password Spraying
Module 3: LLMNR Poisoning
2
5.1
LLMNR/NBT-NS Poisoning
5.2
Cracking NTLMv2 Hashes with Hashcat
Module 4: SMB/NTLM Relay
3
6.1
SMB Relay
6.2
Dump SAM hashes via Relay attack
6.3
Shell Access
Module 5: IPv6 DNS Takeover
1
7.1
IPv6 DNS Takeover/LDAP Relay
Module 6: AS-REP Roasting
1
8.1
AS-REP Roasting
Module 7: Domain Discovery
3
9.1
ADPulse
9.2
BloodHound
9.3
powerview.py
Module 8: Shell Access
4
10.1
Shell Access with Impacket
10.2
Shell Access with Metasploit
10.3
Shell Access with Evil-WinRM
10.4
Coding Custom Shellcode
Module 9: File Transfers
2
11.1
File Transfers over HTTP
11.2
File Transfers over SMB
Module 10: Post Exploitation
6
12.1
System Enumeration
12.2
Enumeration using CMD and Powershell
12.3
Search Filesystem
12.4
Data Mining Windows
12.5
Dump LSASS with Mimikatz
12.6
Local Privilege Escalation
Module 11: Lateral Movement
5
13.1
PtH with CrackMapExec / NetExec
13.2
Lateral Movement with CrackMapExec / NetExec
13.3
Lateral Movement with Impacket
13.4
PSRemoting
13.5
Lateral movement via RDP
Module 12: Privilege Escalation
4
14.1
Kerberoasting
14.2
ACL Abuse
14.3
Unconstrained Delegation
14.4
AD CS Attacks
Module 13: Domain Compromise
2
15.1
Dump NTDS.dit
15.2
Cross-Trust Attacks
Module 14: Domain Persistence
1
16.1
Forging a Golden Ticket
This content is protected, please
login
and
enroll
in the course to view this content!
Search Here...