Skip to main content Link Menu Expand (external link) Document Search Copy Copied

ad / bookmarks

Ressource Description Author
Attack AD: 0 to 0.9 The encyclopedia to start your journey in AD security. My TOP 1. Eloy Pérez González
Bloodhound Nodes Must-read to understand AD attack paths. SperterOps
Bloodhound Edges Must-read to understand AD attack paths. SpecterOps
thehacker.recipes pages after /ad/movement/ : credentials, mitm-and-coerced-authentications, ntlm, kerberos, dacl, group-policies, trusts, netlogon, ad-cs, sccm-mecm, exchange-services, print-spooler-service, domain-settings @_nwodtuhs
CERT-FR checklist   ANSSI
CME wiki First thing first. Can I make it with CME? porchetta, mpgn64
GOAD tutorial Best to practice, prepare tooling. mayfly277
activedirectoryrights List of ActiveDirectoryRights values. Microsoft
well-known SIDs List of Well-Known SIDs. Microsoft
SDDL Understand ACE premissions.  
Attack bookmarks Curated list to deepdive a particluar topic. infosecn1nja
Dog Whisperer How-to for Bloodhound and more. SadProcessor
Cypher Queries Hunting with BloodHound. STEP 2 after the pre-built queries. hausec
KRB Attacks 101 Good redacting effort. m0chan
harden    
harden    

azure

dfir

Cheatsheet Description Author
Hunting Windows PrivEsc Awesome presentation covering how to hunt the named pipes and much more. Kaspersky
Windows Logon workflow Awesome schema sequencing the security event IDs for windows logon. Andrei Miroshnikov

powershell

Ressource Description Author
AD Discovery - Haboob Team
AD Exploitation Contains the CLI of the most well-known tools for common enumeration and attack methods: Local PrivEsc, Lateral Movement, Domain PrivEsc, Domain Persistence, Cross Forests Attacks S1ckB0y1337
PS cheatsheet 1 The best CRTP + CRTO cheatsheet for lab certifications made by pentesteracademy. casvancooten
PS cheatsheet 2 PowerView, PowerUp, PowerSploit, and Empire cheatsheets. HarmJ0y
PS toolbox 1 Tools used for the offensive powershell training provided by specterops. specterops.io
PS toolbox 2 Collection of tools. varonis
PS snippet gallery Snipets. powershellgallery
PS old stuffs - ethicalhackersacademy

talks

Year Ressource Author Description
2017 (blackhat) An ACE Up The Sleeve Andy Robbins & Will Shroeder Abusing ACLs…
2019 (defcon 27) Kerberos Ticketing & Delegations Elad Shamir, Matt Bush Workshop using rollercoaster metaphor for explaining KRB ticket and abuse.