Beyond Active Directory

I. Status Update & Real-World Application

  • Status Update:

    • The skills assessments led to successful completion of objectives.

    • Demonstrated proficiency in AD environments, leading to more responsibilities.

  • Real-World:

    • The module's content mirrors day-to-day penetration testing tasks.

    • Understanding AD is crucial for influencing team actions (cross-domain trusts, persistence, C2).

    • AD knowledge is essential for pivoting to hybrid and cloud environments.

    • Revisit the "Introduction to Active Directory" module for foundational knowledge.

II. What's Next?

  • Further Learning:

    • Active Directory BloodHound module.

    • Active Directory LDAP and PowerView modules.

    • Cracking Passwords with Hashcat module.

  • Hack The Box Resources:

    • HTB main platform targets for AD practice.

    • Intro to Zephyr on the main HTB platform.

    • HTB Tracks for curated learning.

    • Boxes to Pwn: Forest, Active, Reel, Mantis, Blackfield, Monteverde.

    • IppSec's videos and write-ups.

    • Pro Labs: Dante and Offshore.

    • Endgames: Ascension.

III. Great Videos to Check Out

  • "Six Degrees of Domain Admin" (DEFCON 24).

  • "Designing AD DACL Backdoors" (Will Schroeder and Andy Robbins).

  • "Kicking The Guard Dog of Hades".

  • "Kerberoasting 101" (Tim Medin).

IV. Writers and Blogs to Follow

  • 0xdf's walkthroughs.

  • SpecterOps blog.

  • Harmj0y's blog.

  • AD Security Blog (Sean Metcalf).

  • Shenaniganslabs.

  • Dirk-jan Mollema's blog.

  • The DFIR Report.

V. Closing Thoughts

  • Continuous learning about AD security and TTPs is essential.

  • The MITRE ATT&CK framework is a valuable resource.

  • AD is a vast and evolving topic.

  • Stay updated on new vulnerabilities and PoC attacks.

  • Fundamental AD knowledge is crucial for both attackers and defenders.

  • Focus on improving security while enjoying the learning process.
