Active Directory Security – 101: introduction to Active Directory security
This repository contains an introductory class on Active Directory security. The goal is to teach the basics of Active Directory and the relevant authentication protocols, as well as how to find and exploit common flaws and misconfigurations.
Content
- Slides containing the theoretical stuff
- Lab Setup Guide containing instructions on how to set up a lab. Includes Terraform scripts to automatically set up a lab in Microsoft Azure (not mandatory, but speeds up the process if you are already familiar with Azure)
- Exercises to walk through and practice different attack vectors
  - Exercise 1: Reconnaissance
  - Exercise 2: NTLM and Pass-the-Hash
  - Exercise 3: Coerced Authentication and NTLM Relay
  - Exercise 4: Kerberos Roasting
  - Exercise 5: Kerberos Classic Delegation
  - Exercise 6: Kerberos Resource-based Constrained Delegation
  - Exercise 7: ACL
  - Exercise 8: Persistence
Where to start?
- Go through the Lab Setup Guide to build a lab environment.
- Go through the slides. In the slides, you will find references to the lab exercises at regular intervals. Go through the corresponding exercise to practice what you’ve learned until then.
- Go on 🙂 – this is an introductory class. There’s a whole lot more craziness to explore in the wondrous world of Active Directory and we haven’t even talked about AAD yet.
Copyright (c) 2021, Christoph Falta
All rights reserved.