Advanced Pen Testing Techniques for Active Directory

Focused View

Malcolm Shore

1:41:00

70 View

01 - Introduction

01 - Understand and test the security of identity providers.mp4

00:42

02 - What you should know.mp4

00:30

03 - Disclaimer.mp4

01:14

02 - 1. Introduction to Identities

01 - Understand Active Directorys role in security.mp4

04:36

02 - The LDAP protocol.mp4

01:45

03 - Interact with LDAP at the command line.mp4

03:38

04 - The LDAPAdmin tool.mp4

01:35

05 - What is Active Directory.mp4

05:45

06 - Interact with Active Directory at the command line.mp4

02:04

07 - Access LDAP services with a GUI client.mp4

06:24

08 - Add users and computers to a domain.mp4

04:28

09 - Active Directory security audit.mp4

01:40

03 - 2. Testing Active Directory

01 - Set up for testing.mp4

04:19

02 - Extract the AD hashes.mp4

04:29

03 - Password spraying Active Directory.mp4

02:30

04 - Kerberos brute-forcing attacks.mp4

02:56

05 - Use CrackMapExec to access and enumerate AD.mp4

02:41

06 - Investigate the SYSVOL share.mp4

02:51

07 - Take advantage of legacy data.mp4

01:56

04 - 3. Advanced Penetration Testing

01 - Specific Active Directory attacks.mp4

00:59

02 - Remote extraction of AD hashes.mp4

02:36

03 - Carry out a Kerberos roasting.mp4

02:00

04 - Run a no-preauthentication attack.mp4

04:13

05 - Forge a golden ticket.mp4

05:08

06 - Running a shadow attack.mp4

05:05

07 - Using rubeus to take over the domain.mp4

07:10

08 - Relaying attacks to get a certificate.mp4

03:29

09 - Using smartcards to gain privileged access.mp4

06:49

10 - Set the BloodHound loose.mp4

06:34

05 - Conclusion

01 - Next steps.mp4

00:54

Description

As a security professional, one of your most important jobs is to make sure that only authorized users have access to your system. Most often, this is achieved via credential-based access control, where credentials are stored in central directories like Microsoft Active Directory (AD). But are you really ready to handle an unexpected cyberattack?

In this course, instructor Malcolm Shore gives you an overview of Active Directory, including how to enumerate it and validate its security with penetration testing. Explore the core concepts of penetration testing and why it’s so important for enterprise security management. Learn how AD interacts with identity providers and how you interact with it at the command line using LDAP protocol as well as through Powerpoint. Malcolm teaches you some key tricks and gives you examples of how to get the most out of your audits by understanding and utilizing spray attacks, hash extractions, impacket libraries, and brute force attacks.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Penetration Testing

Network Security

Computer Network

Network Engineering

Active Directory

Malcolm Shore

Instructor's Courses

Wide range of IT experience ranging from systems programming to policy and strategic planning. Strong expertise in applied IT security, focused on policy and governance. Teaching post graduate security (forensics, information warfare, security management, applied cryptography) Past interests include virtual worlds and web3d developments. Current work focusing on Cloud, security architectures, and national-level cybersecurity Specialties: SABSA, Cloud, Cryptography, Cybersecurity Strategy, Network Survivability

Linkedin Learning

View courses Linkedin Learning

LinkedIn Learning is an American online learning provider. It provides video courses taught by industry experts in software, creative, and business skills. It is a subsidiary of LinkedIn. All the courses on LinkedIn fall into four categories: Business, Creative, Technology and Certifications. It was founded in 1995 by Lynda Weinman as Lynda.com before being acquired by LinkedIn in 2015. Microsoft acquired LinkedIn in December 2016.