Discover and read the best of Twitter Threads about #ActiveDirectory

Most recents (9)

ACTIVE DIRECTORY PENTEST 🔥

Need to practice ?
Here is a list of resources 👇

-> Set up and AD home lab: blog.spookysec.net/ad-lab-1/

-> Script to set up a Vulnerable AD lab: github.com/WazeHell/vulne…

#cybersecurity #infosec #hacking #activedirectory
-> Collection of various common attack scenarios on Azure Active Directory: github.com/Cloud-Architek…

-> A great document full of resources here: linkedin.com/posts/julienpr…

-> Active Directory Exploitation Cheat Sheet: github.com/Integration-IT…

Retweet to lets other know 😊
Join here to get more stuffs and resources on Tech & Cybersecurity 👇🏻
telegram.me/h4ckerinthehou…
Read 3 tweets
Got some fantastic resources for Active Directory Penetration Testing,

Let's learn together [Thread]🧵👇
[1]
Do Active Directory Penetration Testing in a practical way, step by step guide

Part_1:Reconnaissance and scan
mayfly277.github.io/posts/GOADv2-p…

Part_2: Find users
mayfly277.github.io/posts/GOADv2-p…

Part_3:Enumeration with user
mayfly277.github.io/posts/GOADv2-p…
Read 4 tweets
1/3
📚 Excellent article on #ADSecurity, and more particularly Security Bastions (#PAM) in the context of #ActiveDirectory tiering👍 It is not easy to make it simple on this topic, and it's the case here! lnkd.in/eJ3Kz7Bq
2/3
1️⃣ In theory, there should be an instance of a bastion in each Tier
2️⃣ In reality, very few companies have a bastion on #Tier2 💻
3️⃣ First choice is to deploy a bastion on #Tier1 (large number of machines and accounts 👥️️)
3/3
4️⃣ #Tier0 can be more simply managed by #VPN + #PAWs (dedicated and hardened admin workstations)
5️⃣ Most importantly is to ensure the #PAM does not interfere with the principles of tiering... you can easily break the silos when you start playing with the functionalities 🌐
Read 3 tweets
Una herramienta que permite explorar las relaciones entre usuarios/grupos (ACL) en un #ActiveDirectory para saber si hay algo mal configurado:

Adalanche by @lkarlslund
github.com/lkarlslund/ada…

No tenía ni idea que se pudiesen dibujar estas cosas :-/

#CiberSeguridad
A partir de aquí, se puede revisar la información sobre ataques a un #ActiveDirectory recopilados por @pentest_swissky en su repositorio de GitHub:

github.com/swisskyrepo/Pa…

#CiberSeguridad
Otra herramienta similar a #Adalanche es #BloodHound que también utiliza la teoría de grafos para establecer las relaciones entre los objetos (usuarios, grupos, etc.) en un #ActiveDirectory:

github.com/BloodHoundAD/B…

#CiberSeguridad
Read 4 tweets
Real-World #PingCastle Finding #8: Non-admin users can add computers to a domain. A customer called us because he discovered two new computer objects. Such new computer objects can be a sign of more targeted attacks against the #ActiveDirectory.
1/8

#CyberSecurity #dfir
The computer names are relatively unique, and one quickly finds a GitHub repository with corresponding exploit code.

The code tries to exploit the two vulnerabilities CVE-2021-42278 and CVE-2021-42287 (from an authenticated user directly to DA).
2/8

github.com/WazeHell/sam-t…
Inside the exploit code, a new computer name is generated following the pattern SAMTHEADMIN-(random number from 1 to 100), precisely the naming scheme we see in the client's AD.
3/8
Read 8 tweets
A hat tip to repadmin.exe (thread🧵).

Commonly used for a quick view of replication health with: “repadmin /replsum” which will inspect the Repsfrom multi-valued attribute stored at the root of each directory partition on each DC; bubbling up the summary 🪄 (#ActiveDirectory) repadmin replsum example
If your output from replsum is more interesting than the example above and you want to take a closer look at replication health "showrepl" is the way. If you want to quickly see ALL partitions from ALL domain controllers in an easy view: “repadmin /showrepl * /csv > allrepl.csv” repadmin /showrepl csv file in excel
Maybe one domain controller stands out as a troublemaker or victim and we want to quickly see who it is replicating with and the status for each partition? “repadmin /showrepl dc1”. repadmin showreps detailed view for one domain controller
Read 8 tweets
Ja okay, und natürlich mit Verweis auf den @legal_bits Podcast zu Ursachen für Schwachstellen im Finanzsektor mit @ra_stiegler und mir 😘
stiegler-legal.com/blog/blog-podc…
Und der Vollständigkeit halber gab es auch schon einen ersten #KRITIS Podcast zusammen mit @ra_stiegler im @legal_bits:

"KRITIS Teil 1: Was und warum sie so kritisch sind"
stiegler-legal.com/blog/blog-podc…
Read 3 tweets
[PL] Porządkując starocie wypchnąłem workbook ze szkolenia o replikacji #ActiveDirectory na github - sprzed dobrych kilku lat i powinien dostać "referesh' ale podstawy są te same. Bierzcie i czytajcie - github.com/tonyszko/Archi…
FunFact #1 - to jest dokument napisany do mojego pierwszego komercyjnego projektu po odejściu z MS

Fun Fact #2 - sam nie wierzę, ale napisałem go chyba w 3 dni :)

Fun Fact #3 - robiłem szkolenia zanim to było modne :)
@DebugPrivilege - no way you read it so fast :) (it is in Polish and it is 130 pages :) ) - BTW: it is AD replication training workbook. Do you think it is worth to translate it to English and update to current version?
Read 3 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!