Security Training Share
Exchange-AD-Privesc This repository provides a few techniques and scripts regarding the impact of Microsoft Exchange deployment on Active Directory security. This is a side project of AD-Control-Paths, an AD permissions auditing project to which I...
cracke-dit (“Cracked It”) makes it easier to perform regular password audits against Active Directory environments. Ensuring your users have strong passwords throughout the organization is still your best line of defense against common attacks. Many organizations...
BloodHound is a single page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4jdatabase fed by a PowerShell ingestor. BloodHound uses graph theory to reveal the hidden and often unintended relationships within...
ADRecon is a tool which extracts various artifacts (as highlighted below) out of an AD environment in a specially formatted Microsoft Excel report that includes summary views with metrics to facilitate analysis. The report...
icebreaker Break the ice with that cute Active Directory environment over there. Automates network attacks against Active Directory to deliver you piping hot plaintext credentials when you’re inside the network but outside of the...
DCEPT (Domain Controller Enticing Password Tripwire) is a honeytoken-based tripwire for Microsoft’s Active Directory. Honeytokens are pieces of information intentionally littered with the system so they can be discovered by an intruder. In the...
Think like a Hacker to Secure the Organization like a Fortress The reality of external attacks today is simple: Attackers have made it their business to know more about the networking environment you work...
