Workshop

Seasides 2025 Edition

Attacking Active Directory

We will cover fundamentals of Active directory and related attacks — Directory Introduction and Enumeration Active Directory – manual and automated enumeration, Operating Systems, SPNs, Object permissions, domain shares, authentication, ntlm, kerberos, cached AD, AD attacks – weak permissions, kerberos attacks – golden ticket, silver ticket, as-rep roasting, kerberoasing, dcsync, cached credentials, tickets, shadow copies, tools like impacket, bloodhound, sharphound, lateral movement in the domain, forest.

Part 1

  • Active Directory – Introduction
  • Active Directory – Manual Enumeration
  • Active Directory – Enumeration Using Legacy Windows Tools
  • Enumerating Active Directory using PowerShell and
  • Adding Search Functionality to our Script
  • AD Enumeration with PowerView
  • Getting an Overview – Permissions and Logged on
  • Enumeration Through Service Principal Names
  • Enumerating Object Permissions
  • Enumerating Domain Shares
  • Active Directory-Automated Enumeration
  • Collecting Data with SharpHound
  • Analysing Data using BloodHound


Part 2

  • Attacking Active Directory Authentication
  • Understanding Active Directory Authentication
  • NTLM Authentication
  • Keberos Authentication
  • Cached AD Credentials
  • Performing Attacks on Active Directory Authentication
  • Password Attacks
  • AS-REP Roasting
  • Kerberoasting
  • Silver Tickets
  • Domain Controller Synchronization
  • Lateral Movement in Active Directory
  • WMI and WinRM
  • PsExec
  • Pass the Hash
  • Pass the Ticket
  • Persistence
  • Golden Ticket