Name: Active Directory Exploitation and Lateral Movement BlackBox
Rating: 4.5 (136 reviews)

Udemy Business

Teach on Udemy

Turn what you know into an opportunity and reach millions around the world.

Learn More

Your cart is empty.

Keep shopping

Created byMuhammad Sada

Last updated 6/2024

English

What you'll learn

Learn how to enumerate information from Active Directory, including users, groups, computers, and trust relationships. Understand the importance of information
Learn how to abuse some active directory intended functionality to established foothold and escalate privilege
Identify common attack vectors in Active Directory, such as misconfigurations, weak passwords, and insecure group memberships. Understand how attackers exploit
Understand the importance of reconnaissance in penetration testing. Learn to use tools for AD reconnaissance, such as BloodHound and PowerView.
Explore common vulnerabilities in Active Directory, such as pass-the-hash attacks, Kerberoasting, and DCSync attacks.
Understand post-exploitation activities, including lateral movement and privilege escalation.
Understand the concept of trusts in Active Directory and how they can be exploited
Learn about common trust-based attacks, such as Golden Ticket attacks.
Student will learn how to build active directory lab create forests and trust between forests

Course content

17 sections • 66 lectures • 14h 45m total length

OverView8:43
Creating VMs and Downloading Evaluation Copies of Windows Servers and Clients20:01
Installing Windows Server 2019 as root Domain11:16
Installing AD-DS on ROOT-DC014:48
Installing and Configuring Sql Server on ROOT-DC0124:23
Installing and Configuring the Child Domain20:52
Installing TRUSTED-DC03 for Forest Trust17:58
Installing and Configuring Sql Server on TRUSTED-DC0313:18
Installing and Configuring WIndows 10 Client Machine21:37
Installing windows server 2016 as DMZ-SRV18:50
Installing and Configuring Sql Server on DMZ-SRV16:40
Installing Windows Server 2008 as File Server15:46
Configuring Trust Relationship between Forests13:50
Creating Domain Users32:23
Creating Groups and GPO15:48
Foreign Group Membership Configuration7:42
Creating Mssql Server logins, Databases and login Impersonation14:13

ASREProasting with impacket10:05
Kerberoasting with impacket8:53
ASREProasting with CrackMapExec6:45
Kerberoasting with CrackMapExec3:50
DCSync with CracMapExec and Impacket5:11
Computer Unconstrained delegation37:07
Computer Unconstrained Delegation - Printer Bug17:20
Computer Constrained Delegation with impacket9:28
Resource-Based Constrained Delegation with impacket23:46
Link-local multicast name resolution (LLMNR Poisoning) exploiting with responder11:57

Requirements

Basic knowledge of Ethical Hacking

Description

Understanding Windows Active Directory is an invaluable skill for security professionals for several compelling reasons

1 Critical Infrastructure: Active Directory is a critical component in most Windows-based networks, serving as the backbone for authentication, authorization, and resource management. Penetrating Active Directory can lead to unauthorized access to sensitive information, making it a prime target for attackers and understanding how to test and secure it is essential for protecting overall network security.

2 Common Attack Vector: Active Directory is a common target for attackers attempting to compromise an organization's network. Knowing how to conduct penetration testing allows security professionals to identify and address vulnerabilities before malicious actors can exploit them.

3 Risk Mitigation: By proactively testing Active Directory, security professionals can identify and mitigate potential risks and vulnerabilities. This proactive approach is essential for preventing security incidents and data breaches.

4 Career Advancement: For individuals pursuing a career in cybersecurity, having expertise in Active Directory penetration testing is a valuable skill. Employers often seek professionals who can assess and enhance the security of critical infrastructure components like Active Directory.

Red Team Operations: Active Directory penetration testing is a fundamental skill for red team operations. Red teams simulate real-world attacks to test an organization's defenses, and a strong understanding of Active Directory is essential for effective red teaming.

In summary, learning Active Directory penetration testing is important for enhancing cybersecurity, preventing unauthorized access, meeting compliance requirements, and staying ahead of evolving cyber threats. It equips security professionals with the skills needed to protect critical IT infrastructure and respond effectively to security challenges.

Who this course is for:

Students who want tp become an Active Directory Pentesting Expert
Student Intending to sit for OSCP Exam
Students who want to know how build and Exploit Active Directory Lab

What you'll learn

Explore related topics

Course content

Creating Active Directory Penetration Testing Lab17 lectures • 4hr 38min

External Enumeration6 lectures • 34min

Code Execution and Initial Enumeration5 lectures • 54min

Post Exploitation3 lectures • 40min

Internal Domain Enumeration with PowerView Python4 lectures • 44min

Internal Domain enumeration with CrackMapExec1 lecture • 15min

Domain Enumeration with Windapsearch1 lecture • 13min

Domain Enumeration with rpcclient1 lecture • 7min

Domain Enumeration with BloodHound1 lecture • 29min

Domain Privilege Escalation10 lectures • 2hr 14min

Requirements

Description

Who this course is for: