- Active Directory (AD)
- PowerShell
- Domain Enumeration
- Trust and Privileges Mapping
- Local Privilege Escalation
- Credential Replay Attack (Over-PTH, Token Replay, etc.)
- Domain Privilege Escalation
- Dumping System and Domain Secrets
- Kerberos Attack and Defense (Golden, Silver tickets and more)
- Abusing Cross Forest Trusts
- Delegation Issues
- Persistence Techniques
- Abusing SQL Server Trusts in an AD Environment
- Detecting Attack Techniques
- Defending an Active Directory Environment
- Bypassing Defenses
Subnet range (only on course lab) -> 172.16.1.0/24 - 172.16.17.0/24
Everything else is not in scope.
PowerShell provides access to almost everything on a Windows platform and in an Active Directory environment.
It's based on the .NET Framework and is integrated with the Windows OS.
We'll use it to interpret attacker methodologies and to run powerful scripts.
{% embed url="https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/get-started/virtual-dc/active-directory-domain-services-overview" %}
{% hint style="danger" %}
**Never use tools and techniques on real IP addresses, hosts or networks without proper authorization!**❗
{% endhint %}