Active Directory & Kerberos Abuse

A collection of techniques that exploit and abuse Active Directory, Kerberos authentication, Domain Controllers and similar matters.

From Domain Admin to Enterprise AdminKerberoastingKerberos: Golden TicketsKerberos: Silver TicketsAS-REP RoastingKerberoasting: Requesting RC4 Encrypted TGS when AES is EnabledKerberos Unconstrained DelegationKerberos Constrained DelegationKerberos Resource-based Constrained Delegation: Computer Object Take OverDomain Compromise via DC Print Server and Kerberos DelegationDCShadow - Becoming a Rogue Domain ControllerDCSync: Dump Password Hashes from Domain ControllerPowerView: Active Directory EnumerationAbusing Active Directory ACLs/ACEsPrivileged Accounts and Token PrivilegesFrom DnsAdmins to SYSTEM to Domain CompromisePass the Hash with Machine$ AccountsBloodHound with Kali Linux: 101Backdooring AdminSDHolder for PersistenceActive Directory Enumeration with AD Module without RSAT or Admin PrivilegesEnumerating AD Object Permissions with dsaclsActive Directory Password Spraying
PreviousSQL Injection & XSS PlaygroundNextFrom Domain Admin to Enterprise Admin

Last updated

Was this helpful?