- This repository focuses on hacking and compromising the
Active-Directorysecurity within an internal network.
Active Directory is a directory service developed by Microsoft that provides:
- Centralized management of users, computers, and resources.
- Authentication and authorization through Kerberos and LDAP.
- Organized structure of domains, forests, and trusts to manage access across networks.
Hacking AD involves several key stages:
-
Enumeration
Discover and map the AD environment, looking for misconfigurations, weak credentials, and vulnerable services. -
Exploitation
Use techniques like:- LLMNR/NBT-NS Poisoning
- SMB Relay attacks
- Kerberoasting
- Golden-Ticket attacks
- GPP / cPassword
- Pass-the-Hash
- Pass-the-Password
- Access Control List attack
- Dsync attacks
- Dangerous priviliges
- Abusing Vulnerable legacy systems (Eternal Blue...)
- Abusing misconfigured printers using LDAP
- And much more.
-
Privilege Escalation
Gain domain administrator privileges by leveraging AD-specific attack paths. -
Post-Exploitation
Maintain access, pivot to other machines, and exfiltrate valuable data.
My Certification | Active-Dir Hacking:
Access to computer systems is illegal and unethical.