Summary
In this chapter, we discussed the tools and protocols that attackers can use for enumeration activity. We briefly covered tooling internals to gain clear insight into the traces we left behind. Our methodology was to enumerate from a high level to a low level inside the environment. One of the key ideas was that enumeration is a constant process. At the end of the chapter, we went through some OpSec concerns and saw how a blue team can deceive attackers.
In the next chapter, we will cover credential access from a domain point of view. We will not spend time on endpoint credential access; rather, we will explore things such as Kerberoasting, GMSA, LAPS, different types of coerced authentication, how to abuse writable shares, and more.