Active Directory Penetration Testing methods with simulations

Last update: Aug 12, 2021

Related tags

Testing Active-Directory-PT

Overview

AD penetration Testing Project

By Ruben Enkaoua - GL4Di4T0R

Based on the TCM PEH course (Heath Adams)

Index

1 - Setting Up the Lab

Intallation of a Windows Server 2016
Installation of the Windows 10 machines
Setting the domain configuration
Setting the domain virtual network

2 - Initial Attack Vector

LLMNR Poisoning (Attack / Defense)
Responder and Credentials Capture
SMB Relay (Attack / Defense)
Hosts Discovery
Setting Up LDAPS
IPv6 Overview (Attack / Defense)
IPv6 DNS Takeover - MITM6
Other Attacks Vectors and Strategies

3 - Post Compromise Enumeration

Uploading Content
Domain Enumeration - PowerView
Bloodhound Setup
Grabbing Data with Sharphound
Enumerating and Mapping Domain Data with Bloodhound

4 - Post Compromise Attack

Pass The Hash / Pass the Password (Attacks / Mitigations)
Installing CrackMapExec
Dumping Hashes with secretsdump
Token Impersonation - Incognito (Attack / Mitigation)
Kerberoasting (Attack / Mitigation)
Mimikatz and Credentials Dumping
Mimikatz - Golden Ticket Attack

Owner

GL4DI4T0R

GL4DI4T0R

GitHub Repository

Python package to easily work with selenium and manage tabs effectively.

Simple Selenium The aim of this package is to quickly get started with working with selenium for simple browser automation tasks. Installation Install

1 Oct 27, 2021

PoC getting concret intel with chardet and charset-normalizer

aiohttp with charset-normalizer Context aiohttp.TCPConnector(limit=16) alpine linux nginx 1.21 python 3.9 aiohttp dev-master chardet 4.0.0 (aiohttp-ch

2 Nov 30, 2022

API mocking with Python.

apyr apyr (all lowercase) is a simple & easy to use mock API server. It's great for front-end development when your API is not ready, or when you are

55 Nov 25, 2022

Python wrapper of Android uiautomator test tool.

uiautomator This module is a Python wrapper of Android uiautomator testing framework. It works on Android 4.1+ (API Level 16~30) simply with Android d

1.9k Dec 30, 2022

pytest plugin that let you automate actions and assertions with test metrics reporting executing plain YAML files

pytest-play pytest-play is a codeless, generic, pluggable and extensible automation tool, not necessarily test automation only, based on the fantastic

67 Dec 01, 2022

Network automation lab using nornir, scrapli, and containerlab with Arista EOS

nornir-scrapli-eos-lab Network automation lab using nornir, scrapli, and containerlab with Arista EOS. Objectives Deploy base configs to 4xArista devi

13 Jul 07, 2022

Compiles python selenium script to be a Window's executable

Problem Statement Setting up a Python project can be frustrating for non-developers. From downloading the right version of python, setting up virtual

8 Jan 09, 2023

It helps to use fixtures in pytest.mark.parametrize

pytest-lazy-fixture Use your fixtures in @pytest.mark.parametrize. Installation pip install pytest-lazy-fixture Usage import pytest @pytest.fixture(p

299 Dec 24, 2022

RAT-el is an open source penetration test tool that allows you to take control of a windows machine.

To prevent RATel from being detected by antivirus, please do not upload the payload to TOTAL VIRUS. Each month I will test myself if the payload gets detected by antivirus. So you’ll have a photo eve

218 Dec 16, 2022

Useful additions to Django's default TestCase

django-test-plus Useful additions to Django's default TestCase from REVSYS Rationale Let's face it, writing tests isn't always fun. Part of the reason

546 Dec 22, 2022

Show, Edit and Tell: A Framework for Editing Image Captions, CVPR 2020

Show, Edit and Tell: A Framework for Editing Image Captions | arXiv This contains the source code for Show, Edit and Tell: A Framework for Editing Ima

76 Nov 25, 2022

hyppo is an open-source software package for multivariate hypothesis testing.

hyppo (HYPothesis Testing in PythOn, pronounced "Hippo") is an open-source software package for multivariate hypothesis testing.

137 Dec 18, 2022

A Modular Penetration Testing Framework

fsociety A Modular Penetration Testing Framework Install pip install fsociety Update pip install --upgrade fsociety Usage usage: fsociety [-h] [-i] [-

802 Dec 31, 2022

Nokia SR OS automation

Nokia SR OS automation Nokia is one of the biggest vendors of the telecommunication equipment, which is very popular in the Service Provider segment.

7 Jul 23, 2022

Travel through time in your tests.

time-machine Travel through time in your tests. A quick example: import datetime as dt

373 Dec 27, 2022

Test utility for validating OpenAPI documentation

DRF OpenAPI Tester This is a test utility to validate DRF Test Responses against OpenAPI 2 and 3 schema. It has built-in support for: OpenAPI 2/3 yaml

103 Dec 21, 2022

This repository has automation content to test Arista devices.

Network tests automation Network tests automation About this repository Requirements Requirements on your laptop Requirements on the switches Quick te

17 Nov 04, 2022

A wrapper for webdriver that is a jumping off point for web automation.

Webdriver Automation Plus ===================================== Description: Tests the user can save messages then find them in search and Saved items

1 Nov 08, 2021

Pytest support for asyncio.

pytest-asyncio: pytest support for asyncio pytest-asyncio is an Apache2 licensed library, written in Python, for testing asyncio code with pytest. asy

1.1k Jan 02, 2023

A collection of benchmarking tools.

Benchmark Utilities About A collection of benchmarking tools. PYPI Package Table of Contents Using the library Installing and using the library Manual

2 Jan 28, 2022