Active Directory Pentesting 101 - Part 1
Vložit
- čas přidán 1. 06. 2024
- Join 7 Minute Security and Project7 for a fun discussion and demo of how to find Active Directory low-hanging hacker fruit, as well as how to attack (and defend against) it!
00:00 And so it begins
0:27 Introductions and banter
6:26 Intro to pentest lab environment
7:07 Using PingCastle to quickly assess Active Directory security
23:00 The risk of allowing non-admin users to join PCs to Active Directory
29:05 Conducting the Kerberoasting attack
44:37 Sniping cleartext creds from Group Policy Object (GPO) files
53:19 Using CrackMapExec to spray credentials across the enterprise
57:30 Some thoughts on online hash/password cracking - Zábava
![[柴犬ASMR]曼玉Manyu&小白Bai 毛发护理Spa asmr](http://i.ytimg.com/vi/0TsXQ7z2Dh4/mqdefault.jpg)
