Pentesting Active Directory and Windows-based Infrastructure: A comprehensive practical guide to penetration testing Microsoft infrastructure

Denis Isakov

€33.99

4.9 (14 Ratings)

Paperback Nov 2023 360 pages 1st Edition

Denis Isakov

€33.99

4.9 (14 Ratings)

Paperback Nov 2023 360 pages 1st Edition

What do you get with Print?

Instant access to your digital eBook copy whilst your Print order is Shipped

Paperback book shipped to your preferred address

Download this book in EPUB and PDF formats

Access this title in our online reader with advanced features

DRM FREE - Read whenever, wherever and however you want

AI Assistant (beta) to help accelerate your learning

View table of contents

Preview Book

Key benefits

Find out how to attack real-life Microsoft infrastructure
Discover how to detect adversary activities and remediate your environment
Apply the knowledge you’ve gained by working on hands-on exercises
Purchase of the print or Kindle book includes a free PDF eBook

Description

This book teaches you the tactics and techniques used to attack a Windows-based environment, along with showing you how to detect malicious activities and remediate misconfigurations and vulnerabilities. You’ll begin by deploying your lab, where every technique can be replicated. The chapters help you master every step of the attack kill chain and put new knowledge into practice. You’ll discover how to evade defense of common built-in security mechanisms, such as AMSI, AppLocker, and Sysmon; perform reconnaissance and discovery activities in the domain environment by using common protocols and tools; and harvest domain-wide credentials. You’ll also learn how to move laterally by blending into the environment’s traffic to stay under radar, escalate privileges inside the domain and across the forest, and achieve persistence at the domain level and on the domain controller. Every chapter discusses OpSec considerations for each technique, and you’ll apply this kill chain to perform the security assessment of other Microsoft products and services, such as Exchange, SQL Server, and SCCM. By the end of this book, you'll be able to perform a full-fledged security assessment of the Microsoft environment, detect malicious activity in your network, and guide IT engineers on remediation steps to improve the security posture of the company.

Who is this book for?

This book is for pentesters and red teamers, security and IT engineers, as well as blue teamers and incident responders interested in Windows infrastructure security. The book is packed with practical examples, tooling, and attack-defense guidelines to help you assess and improve the security of your real-life environments. To get the most out of this book, you should have basic knowledge of Windows services and Active Directory.

What you will learn

Understand and adopt the Microsoft infrastructure kill chain methodology
Attack Windows services, such as Active Directory, Exchange, WSUS, SCCM, AD CS, and SQL Server
Disappear from the defender's eyesight by tampering with defensive capabilities
Upskill yourself in offensive OpSec to stay under the radar
Find out how to detect adversary activities in your Windows environment
Get to grips with the steps needed to remediate misconfigurations
Prepare yourself for real-life scenarios by getting hands-on experience with exercises

Estimated delivery fee Deliver to Romania

Premium delivery 7 - 10 business days

€25.95

(Includes tracking information)

What do you get with Print?

Instant access to your digital eBook copy whilst your Print order is Shipped

Paperback book shipped to your preferred address

Download this book in EPUB and PDF formats

Access this title in our online reader with advanced features

DRM FREE - Read whenever, wherever and however you want

AI Assistant (beta) to help accelerate your learning

Frequently bought together

€37.99

€33.99

PowerShell Automation and Scripting for Cybersecurity

€37.99

Total € 109.97

FAQs

What is the delivery time and cost of print book?

Shipping Details

USA:

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.

Unfortunately, due to several restrictions, we are unable to ship to the following countries:

Afghanistan
American Samoa
Belarus
Brunei Darussalam
Central African Republic
The Democratic Republic of Congo
Eritrea
Guinea-bissau
Iran
Lebanon
Libiya Arab Jamahriya
Somalia
Sudan
Russian Federation
Syrian Arab Republic
Ukraine
Venezuela

What is custom duty/charge?

Customs duty are charges levied on goods when they cross international borders. It is a tax that is imposed on imported goods. These duties are charged by special authorities and bodies created by local governments and are meant to protect local industries, economies, and businesses.

Do I have to pay customs charges for the print book order?

The orders shipped to the countries that are listed under EU27 will not bear custom charges. They are paid by Packt as part of the order.

List of EU27 countries: www.gov.uk/eu-eea:

A custom duty or localized taxes may be applicable on the shipment and would be charged by the recipient country outside of the EU27 which should be paid by the customer and these duties are not included in the shipping charges been charged on the order.

How do I know my custom duty charges?

The amount of duty payable varies greatly depending on the imported goods, the country of origin and several other factors like the total invoice amount or dimensions like weight, and other such criteria applicable in your country.

For example:

If you live in Mexico, and the declared value of your ordered items is over $ 50, for you to receive a package, you will have to pay additional import tax of 19% which will be $ 9.50 to the courier service.
Whereas if you live in Turkey, and the declared value of your ordered items is over € 22, for you to receive a package, you will have to pay additional import tax of 18% which will be € 3.96 to the courier service.

How can I cancel my order?

Cancellation Policy for Published Printed Books:

You can cancel any order within 1 hour of placing the order. Simply contact customercare@packt.com with your order details or payment transaction id. If your order has already started the shipment process, we will do our best to stop it. However, if it is already on the way to you then when you receive it, you can contact us at customercare@packt.com using the returns and refund process.

Please understand that Packt Publishing cannot provide refunds or cancel any order except for the cases described in our Return Policy (i.e. Packt Publishing agrees to replace your printed book because it arrives damaged or material defect in book), Packt Publishing will not accept returns.

What is your returns and refunds policy?

Return Policy:

We want you to be happy with your purchase from Packtpub.com. We will not hassle you with returning print books to us. If the print book you receive from us is incorrect, damaged, doesn't work or is unacceptably late, please contact Customer Relations Team on customercare@packt.com with the order number and issue details as explained below:

If you ordered (eBook, Video or Print Book) incorrectly or accidentally, please contact Customer Relations Team on customercare@packt.com within one hour of placing the order and we will replace/refund you the item cost.
Sadly, if your eBook or Video file is faulty or a fault occurs during the eBook or Video being made available to you, i.e. during download then you should contact Customer Relations Team within 14 days of purchase on customercare@packt.com who will be able to resolve this issue for you.
You will have a choice of replacement or refund of the problem items.(damaged, defective or incorrect)
Once Customer Care Team confirms that you will be refunded, you should receive the refund within 10 to 12 working days.
If you are only requesting a refund of one book from a multiple order, then we will refund you the appropriate single item.
Where the items were shipped under a free shipping offer, there will be no shipping costs to refund.

On the off chance your printed book arrives damaged, with book material defect, contact our Customer Relation Team on customercare@packt.com within 14 days of receipt of the book with appropriate evidence of damage and we will work with you to secure a replacement copy, if necessary. Please note that each printed book you order from us is individually made by Packt's professional book-printing partner which is on a print-on-demand basis.

What tax is charged?

Currently, no tax is charged on the purchase of any print book (subject to change based on the laws and regulations). A localized VAT fee is charged only to our European and UK customers on eBooks, Video and subscriptions that they buy. GST is charged to Indian customers for eBooks and video purchases.

What payment methods can I use?

You can pay with the following card types:

Visa Debit
Visa Credit
MasterCard
PayPal

What is the delivery time and cost of print books?

Shipping Details

USA:

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Unfortunately, due to several restrictions, we are unable to ship to the following countries:

Afghanistan
American Samoa
Belarus
Brunei Darussalam
Central African Republic
The Democratic Republic of Congo
Eritrea
Guinea-bissau
Iran
Lebanon
Libiya Arab Jamahriya
Somalia
Sudan
Russian Federation
Syrian Arab Republic
Ukraine
Venezuela

Filter reviews by

All

Feefo verified reviews

Amazon verified reviews

N/A Feb 21, 2024

Pubblicazioni interessanti scritti con il giusto livello tecnico ma soprattutto in modo chiaro.

Feefo Verified review

Vedant Gavde Dec 16, 2023

Denis Isakov's "Pentesting Active Directory and Windows-based Infrastructure" serves as an indispensable handbook for cybersecurity professionals and enthusiasts seeking to delve deep into the intricate realm of Windows-based infrastructure security. This book stands out for its focused exploration of lab environment setup and sophisticated evasion and penetration testing techniques specifically targeting Windows environments.From the outset, Isakov's approach is commendable. The book seamlessly introduces readers to the intricacies of setting up lab environments, laying a strong foundation for understanding and implementing effective penetration testing on Windows Active Directory. What makes this guide invaluable is its applicability not only to beginners but also as a comprehensive reference for seasoned professionals navigating the complexities of Windows-based infrastructure security.One of the book's notable strengths is its ability to make complex concepts accessible to a wide audience. Isakov's lucid explanations ensure that even intricate technical details are conveyed in an easy-to-understand manner. The clarity with which he articulates sophisticated evasion and pentesting techniques makes this book a go-to resource for anyone venturing into or honing their skills in this domain.The practicality of this guide cannot be overstated. Isakov skillfully intertwines real-world scenarios and practical examples throughout the book, offering hands-on experience and insights into tackling security challenges in Windows environments. This hands-on approach fosters a deeper understanding of the tools, methodologies, and tactics used in actual penetration testing scenarios.Having delved into "Pentesting Active Directory and Windows-based Infrastructure," I am convinced of its immense value in augmenting skills and techniques essential for securing Windows infrastructures. Whether you're a novice seeking to understand Windows penetration testing or an experienced professional looking to enhance your skill set, this book is an invaluable asset.In conclusion, Denis Isakov's "Pentesting Active Directory and Windows-based Infrastructure" is an essential guide that combines theory with practical application, making it a must-read for cybersecurity professionals aiming to elevate their knowledge and expertise in securing Windows-based networks.

Amazon Verified review

Amazon Customer May 23, 2024

I liked this book, as an experienced AD tester, it made me feel at home :)I think this book is a good resource for penetration testers, and I strongly recommend to replicate the techniques used in a lab environment, which is essential for practical learning and to master the concepts.I appreciated the coverage of topics such as defence evasion, reconnaissance, and domain privilege escalation from a windows environment perspective. I often test AD from windows, and don’t touch Kali. This knowledge will help you on real tests.And I liked the book touching on SCCM, Exchange, CS and MSSQL.However, like all resources, this book can’t cover everything. It serves as a robust foundation, and it is ultimately up to the reader to expand on the topics presented. The book is infact full of resources and links.For junior pentesters, the book may take longer to digest due to the complexity and depth of Active Directory. However, this should not discourage you, but trigger your curiosity and interest.For more experienced testers, it still holds value in my opinion, offering insights that can refine your existing knowledge. There is always something to learn, whether it is a new tool or a different way to achieve the same goal.A book to read, especially if you love Active Directory or if you want to get better at it.

Victor kolawole May 25, 2024

This book has the best content when it comes to an active directory penetration testing, I never regretted buying this book, the hands-on labs are top notch and I will recommend it for anyone who want to learn more about active directory pentesting and it's environment.

Ranjan Raja May 15, 2024

Very good book for absolute beginners who want to be expertise in penetration testing and cyber security .Good work author.

Pentesting Active Directory and Windows-based Infrastructure: A comprehensive practical guide to penetration testing Microsoft infrastructure

What do you get with Print?