This is a guide to setting up a windows domain in a virtual lab to practice penetration testing. I recommend starting with setting up a lab and reading the mini introduction.
This guide/tutorial will teach you the following:
- Creating a basic windows domain with a few hosts and a domain controller.
- Credential Replay Attacks
- Domain Privilege Escalation
- Dumping System and Domain Secrets
- Empire
- A ton of cool attacks on Microsoft infrastructure
Obvious disclaimer is obvious
The tools demonstrated in this guide should not be used in an environment without complete authorization from it's legal owner. I.e. don't be stupid.
Future plans
- Introduction to Active Directory
- Kerberos and authentication in AD
- Introduction to PowerShell
- Exploiting MSSQL Servers
- Client Side Attacks
- Domain Enumeration and Information Gathering
- Local Privilege Escalation
More advanced stuff for the future
- Kerberos Attacks and Defense (Golden, Silver tickets and more)
- Abusing Cross Domain Trusts
- Delegation Issues
- Persistence Techniques
- Abusing SQL Server Trusts in an AD Environment
- Backdoors and Command and Control
- Other trusts in AD
- Detecting attack techniques
- Defending an Active Directory Environment
- Attacking domain trusts