Maintaining access to an Active Directory environment.
Category: Infrastructure
Forged Kerberos Tickets
Generating forged Kerberos gold, silver and diamond tickets.
Active Directory Schema Modification
Changing default security descriptor properties to escalate from a child to parent domain.
Exploiting Tomcat
Exploiting common Tomcat vulnerabilities.
Attacking MSSQL
Compromising MSSQL databases, and escalating privileges.
Golden gMSA Attacks
Extracting gMSA service accounts from child domains.
SID History Abuse
Modifying SID History values to compromise parent domains.
Backup Operator Privilege Escalation
Extracting domain controller credentials using the Backup Operators group.
Active Directory Explorer
Using Microsoft AD Explorer to collect Active Directory attack path information.
Active Directory DACL Attacks
Exploiting misconfigured Active Directory access control lists.
Entra ID Connect
Extracting credentials from Azure Entra Connect.
Coerced Authentication
Persuading Windows hosts to provide machine account credentials.