Explore >> Select a destination
|
You are here 
|
www.labofapenetrationtester.com | ||
| | | | |
zer1t0.gitlab.io
|
|
| | | | | ||
| | | | |
blog.ikuamike.io
|
|
| | | | | Introduction After passing my OSCP, I am planning on doing CRTP and CRTO sometime this year. I took the OSCP exam before the updates that are focused on Active Directory so I didn't actively focus on this area. So to learn and practice on AD and Windows and also as some prep for the certifications I plan on taking, I will be doing some machines that are AD related and try to get into the details of the included misconfigurations and vulnerabilities. | |
| | | | |
adsecurity.org
|
|
| | | | | Active Directory has several levels of administration beyond the Domain Admins group. In a previous post, I explored: "Securing Domain Controllers to Improve Active Directory Security" which explores ways to better secure Domain Controllers and by extension, Active Directory. For more information on Active Directory specific rights and permission review my post "Scanning for Active ... | |
| | | | |
www.cybereason.com
|
|
| | | Cybereason GSOC observed distribution of the Bumblebee Loader and post-exploitation activities including privilege escalation, reconnaissance and credential theft. Bumblebee operators use the Cobalt Strike framework throughout the attack and abuse credentials for privilege escalation to access Active Directory, as well as abusing a domain administrator account to move laterally, create local user accounts and exfiltrate data... | ||
