Ultimate guide to PowerShell Empire: from installation to persistence in the target system
Attacking Active Directory. An overview of actual privilege escalation techniques
Compromising a domain controller involves more than just finding a known vulnerability, stealing user credentials, or identifying an error in the security policy settings. The above ‘achievements’ grant only the minimum access level that may be insufficient for your goals. Therefore, to deliver a successful attack, you must escalate your system privileges in Active Directory. This article is dedicated to this intriguing process.
Lateral movement in Active Directory. Offensive techniques used to attack the domain
Imagine that you have successfully retrieved users’ accounts in a network with an Active Directory domain controller and escalated your privileges. But what if you control not the entire network, but just a small segment of it? You have to find out how to advance further through the network, escalate your privileges, and search for new entry points and relays.