A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
• To compromise a domain controller, it is not enough to find a known vulnerability, obtain user credentials, or detect an error in the security policy setting. This will provide you with minimal access, but it may not be enough to achieve all your goals.
• AD security.
* Attacks on Active Directory.
* Backdoors in Active Directory.
* Collect critical data.
* Penetration and detection techniques.
• MS Active Directory. Attacks on the domain.
* Deceive the detection tools.
* Methods of protection against detection, when attacking a domain.
* Utilities for detecting operating systems on a remote host.
* Collecting data from the logs of a Windows-based workstation.
* Get user data in Windows networks without privileges.
* Getting Administrator credentials or multiple ways to work with Mimikatz.
• To compromise a domain controller, it is not enough to find a known vulnerability, obtain user credentials, or detect an error in the security policy setting. This will provide you with minimal access, but it may not be enough to achieve all your goals.
• AD security.
* Attacks on Active Directory.
* Backdoors in Active Directory.
* Collect critical data.
* Penetration and detection techniques.
• MS Active Directory. Attacks on the domain.
* Deceive the detection tools.
* Methods of protection against detection, when attacking a domain.
* Utilities for detecting operating systems on a remote host.
* Collecting data from the logs of a Windows-based workstation.
* Get user data in Windows networks without privileges.
* Getting Administrator credentials or multiple ways to work with Mimikatz.