You're reading from Pentesting Active Directory and Windows-based Infrastructure A comprehensive practical guide to penetration testing Microsoft infrastructure

Product type Paperback

Published in Nov 2023

Publisher Packt

ISBN-13 9781804611364

Length 360 pages

Edition 1st Edition

Languages

SQL

Tools

Windows OS

Concepts

Networking

Author (1):

Denis Isakov

View More author details

Table of Contents (13) Chapters

Preface

1. Chapter 1: Getting the Lab Ready and Attacking Exchange Server

2. Chapter 2: Defense Evasion FREE CHAPTER

3. Chapter 3: Domain Reconnaissance and Discovery

4. Chapter 4: Credential Access in Domain

5. Chapter 5: Lateral Movement in Domain and Across Forests

6. Chapter 6: Domain Privilege Escalation

7. Chapter 7: Persistence on Domain Level

8. Chapter 8: Abusing Active Directory Certificate Services

9. Chapter 9: Compromising Microsoft SQL Server

10. Chapter 10: Taking Over WSUS and SCCM

11. Index

Why subscribe?

12. Other Books You May Enjoy

What this book covers

Chapter 1, Getting the Lab Ready and Attacking Exchange Server, provides an overview of the attack kill chain, shows you how to deploy the lab environment, and focuses on Exchange Server attack surfaces with practical examples.

Chapter 2, Defense Evasion, teaches you about evading Antimalware Scan Interface (AMSI) and AppLocker, PowerShell enhanced logging, Sysmon, and Event Tracing for Windows (ETW).

Chapter 3, Domain Reconnaissance and Discovery, is where you will learn how to perform reconnaissance in a domain, blend into environment traffic, and learn more about the internals of tools such as BloodHound and Microsoft Advanced Threat Analytics (ATA).

Chapter 4, Credential Access in a Domain, covers ways to obtain credentials in the domain environment by capturing the hash, coercing authentication, “roasting” Kerberos, reading clear-text passwords if Local Administrator Password Solution (LAPS) is misconfigured, and collecting hashes of gMSA accounts or of a whole domain via DCSync.

Chapter 5, Lateral Movement in Domain and Across Forests, shows how an adversary can maneuver across an environment by abusing different types of delegation, passing different types of credential materials, relaying captured hashes, as well as moving to other forests.

Chapter 6, Domain Privilege Escalation, is where we will focus on ways to elevate privileges in a domain by abusing misconfigured Access Control Lists (ACL), Group Policy Objects (GPO), and special built-in groups, as well as moving from a child domain to a parent domain.

Chapter 7, Persistence on Domain Level, shows techniques to establish persistence on the domain level by forging tickets and manipulating ACLs and objects, as well as on the domain controller itself by adding a Skeleton Key, malicious SSP, a registry backdoor, and so on.

Chapter 8, Abusing Active Directory Certificate Services, covers the fundamentals of Public Key Infrastructure (PKI) implementation by Microsoft, along with ways to steal certificates, escalate privileges in the domain, and achieve persistence on account and domain levels.

Chapter 9, Compromising Microsoft SQL Server, is where we will focus on how to attack SQL Server, including enumeration, privilege escalation, lateral movement, and persistence.

Chapter 10, Taking over WSUS and SCCM, provides an overview of IT support management software and ways to abuse its functionality, leading to a complete takeover of the whole environment.