The importance of Active Directory in an enterprise cannot be stressed enough. Used by more than 90% of Fortune 1000 companies, the all-pervasive AD is the focal point for adversaries. Still, when it comes to AD security, there is a large gap of knowledge, which security professionals and administrators struggle to fill. Over the years, we have taught numerous professionals in real world trainings on AD security and always found that there is a lack of quality material, which can take students from basics of Active Directory security, and teach them how to attack and defend it.
Attacking and Defending Active Directory is beginner friendly course designed for security professionals who would like to enhance their AD security knowledge and want to understand practical threats and attacks in a modern Active Directory environment. The course is based on our years of experience of making and breaking Windows and AD environments and teaching security professionals.
We cover topics like AD enumeration, trusts mapping, domain privilege escalation, domain persistence, Kerberos based attacks (Golden ticket, Silver ticket and more), ACL issues, SQL server trusts, Defenses and bypasses of defenses.
You can either create your own Active Directory lab and follow along, or subscribe to one of our premium labs.
Learn to find credentials and sessions of high privileges domain accounts like Domain Administrators, extracting their credentials and then using credential replay attacks to escalate privileges, all of this with just using built-in protocols for pivoting.
Learn to extract credentials from a restricted environment where application whitelisting is enforced. Abuse derivative local admin privileges and pivot to other machines to escalate privileges to domain level.
Cross trust attacks
Learn to elevate privileges from Domain Admin of a child domain to Enterprise Admin on the forest root by abusing Trust keys and krbtgt account.
Execute intra-forest trust attacks to access resources across forest.
Abuse database links to achieve code execution across forest by just using the databases.
Sales Page: https://www.pentesteracademy.com/course?id=47
Recensioni
Ancora non ci sono recensioni.