By Waseem Akram on 1/9/2022
This post contains Active Directory Pentesting resources to prepare for new OSCP (2022) exam.
This post contains Active Directory Pentesting resources to prepare for new OSCP (2022) exam.
Active Directory madness and the Esoteric Cult of Domain Admin! - alh4zr3d
TryHackMe - Advent of Cyber + Active Directory - tib3rius
Common Active Directory Attacks: Back to the Basics of Security Practices - TrustedSec
How to build an Active Directory Lab - The Cyber Mentor
Zero to Hero (Episode 8,9,10) - The Cyber Mentor
Top Five Ways I Got Domain Admin on Your Internal Network before Lunch
https://medium.com/@Dmitriy_Area51/active-directory-penetration-testing-d9180bff24a1
https://book.hacktricks.xyz/windows/active-directory-methodology
https://zer1t0.gitlab.io/posts/attacking_ad/
https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
https://infosecwriteups.com/active-directory-penetration-testing-cheatsheet-5f45aa5b44ff
Active Directory Basics - Easy
Post-Exploitation Basics - Easy
Vulnnet Roasted - Easy
Attacktive Directory - Medium
raz0r black - Medium
Enterprise - Medium
Vulnnet Active - Medium
Zero Logon - Hard
Holo - Hard
Throwback - Easy
Forest - Easy
Active - Easy
Fuse - Medium
Cascade - Medium
Monteverde - Medium
Resolute - Medium
Arkham - Medium
Mantis - Hard
APT - Insane
Dante - Beginner
Offshore - Intermediate
RastaLabs - Intermediate
Cybernetics - Advanced
APT Labs - Advanced
ActiveDirectory LDAP - Medium
ActiveDirectory Powerview - Medium
ActiveDirectory BloodHound - Medium
OSCP - Offensive Security Certified Professional - Offsec - Intermediate
CRTP - Certified Red Team Professional - Pentester Academy - Beginner
CRTE - Certified Red Team Expert - Pentester Academy - Expert
CRTO - Certified Red Team Operator - Zeropoint Security - Intermediate
Practical Ethical Hacking - TCM Security
Active Directory Pentesting Full Course - Red Team Hacking
Red Team Ethical Hacking - Beginner
Red Team Ethical Hacking - Intermediate
Nishang Mimikatz Kekeo Rubeus Powersploit Powercat PowerUpSQL HeidiSQL
Hutch, Heist & Vault
Today we’re gonna see an effective technique to mantain access in Windows systems during red team operations just by modifying a registry key...
Read MoreToday we’ll learn an advanced shellcode injection technique used by Lazarus group which uses UuidFromStringA API call. In this technique, the malware..
Read MoreInstahack is a security tool officially designed to test the password strength of Instagram accounts using termux and kali with a brute force attack...
Read MoreToday we’re gonna see a simple malware development technique, Shellcode injection via CreateRemoteThread in Golang...
Read MoreToday we'll see how we can use Golang internal functions from syscall and golang.org/x/sys/windows packages to call Windows API. Other languages like C o C++ are specifically
Read MoreThe basename command in Linux is used to extract the last element of a file path. This is particularly helpful in bash scripts where you only need the...
Read More