Categories
active directory

Laboratorio de Computación

This field is definitely one that requires a lot of self-study (at least for this noob) and as a result, I wanted to practice some different attacks against Windows systems, specifically within an Active Directory (AD) environment. This led me building out a mini lab with a few a handful of virtual machines. For this […]

Categories
active directory

Let Slip the Hounds of War

When I first started learning how to use BloodHound, I remember trying to figure out how to best utilize this tool to discover possible vulnerabilities when attacking Active Directory environments. This post is intended to be a quick, little usage guide to visualizing some of the misconfigurations that can be exploited to laterally move and/or […]

Categories
active directory

🎵 “I’ve Got a Golden Ticket” 🎵

There are a couple of different ways that a Golden Ticket can be created and used when attacking an Active Directory environment. One of which is through the use of Impacket’s ticketer.py. The nice thing about this script is that it allows you to attack from a Linux system, rather than using Mimikatz from a […]