Active Directory Security

Active Directory & Enterprise Security, Methods to Secure Active Directory, Attack Methods & Effective Defenses, PowerShell, Tech Notes, & Geek Trivia…

  • Home
  • About
  • AD Resources
  • Contact
  • Mimikatz
  • Presentations
  • Schema Versions
  • Security Resources
  • SPNs
  • Top Posts

Tag: localadministratoraccountpassword

Jan 01

Attack Methods for Gaining Domain Admin Rights in Active Directory

  • By Sean Metcalf in ActiveDirectorySecurity, Microsoft Security, Technical Reference

There are many ways an attacker can gain Domain Admin rights in Active Directory. This post is meant to describe some of the more popular ones in current use. The techniques described here “assume breach” where an attacker already has a foothold on an internal system and has gained domain user credentials (aka post-exploitation). The …

Continue reading

  • ActiveDirectory, administratorpassword, AESprivatekey, AESsharedsecret, cpassword, CredentialTheft, CredentialTheftShuffle, DomainAdmins, DomainController, DumpCredentiasls, DumpLSASS, EnterpriseAdmins, Get-GPPPassword, GoldenTickets, GPP, GroupPolicyPreferences, groups.xml, IFM, InstallFromMedia, KB2962486, KB3011780, Kekeo, Kerberoast, Kerberos, KerberosHacking, LAPS, lateralmovement, localadministratoraccountpassword, LSASS, LSASSDumpFile, MicrosoftLAPS, mimikatz, MS14068, ms14068.exe, MS14068Exploit, MSDN, ntds.dit, PAWS, Persistence, PowerSploit, PyKEK, RC4_HMAC_MD5, RDP, RunAs, scheduledtasks.xml, separateAdminWorkstation, ServicePrincipalName, Services.xml, SPN, systemcompromise, SYSVOL, TGS, TGSCracking, TGT, xml
  • 2 comments

Recent Posts

  • Attacking Read-Only Domain Controllers (RODCs) to Own Active Directory
  • Securing Microsoft Active Directory Federation Server (ADFS)
  • Gathering AD Data with the Active Directory PowerShell Module
  • Beyond Domain Admins – Domain Controller & AD Administration
  • Scanning for Active Directory Privileges & Privileged Accounts

Trimarc Active Directory Security Services

Have concerns about your Active Directory environment? Trimarc helps enterprises improve their security posture.

Find out how... TrimarcSecurity.com

Popular Posts

  • Attack Methods for Gaining Domain Admin Rights in…
  • PowerShell Encoding & Decoding (Base64)
  • Securing Windows Workstations: Developing a Secure Baseline
  • The Most Common Active Directory Security Issues and…
  • Building an Effective Active Directory Lab…
  • Detecting Offensive PowerShell Attack Tools
  • Securing Domain Controllers to Improve Active…
  • Microsoft Local Administrator Password Solution (LAPS)
  • Finding Passwords in SYSVOL & Exploiting Group…
  • PowerShell Version 5 is Available for Download (again)

Categories

  • ActiveDirectorySecurity
  • Apple Security
  • Cloud Security
  • Continuing Education
  • Entertainment
  • Exploit
  • Hacking
  • Hardware Security
  • Hypervisor Security
  • Linux/Unix Security
  • Malware
  • Microsoft Security
  • Mitigation
  • Network/System Security
  • PowerShell
  • RealWorld
  • Security
  • Security Conference Presentation/Video
  • Security Recommendation
  • Technical Article
  • Technical Reading
  • Technical Reference
  • TheCloud
  • Vulnerability

Tags

Active Directory ActiveDirectory ActiveDirectoryAttack ActiveDirectorySecurity Active Directory Security ADReading ADSecurity DCSync DEFCON DomainController EMET5 GoldenTicket HyperV Invoke-Mimikatz KB3011780 KDC Kerberos KerberosHacking KRBTGT LAPS LSASS MCM MicrosoftEMET MicrosoftWindows mimikatz MS14068 PassTheHash PowerShell PowerShellCode PowerShellHacking PowerShellv5 PowerSploit Presentation Security SIDHistory SilverTicket SneakyADPersistence SYSVOL TGS TGT Windows7 Windows10 WindowsServer2008R2 WindowsServer2012 WindowsServer2012R2

Copyright

Content Disclaimer: This blog and its contents are provided "AS IS" with no warranties, and they confer no rights. Script samples are provided for informational purposes only and no guarantee is provided as to functionality or suitability. The views shared on this blog reflect those of the authors and do not represent the views of any companies mentioned. Content Ownership: All content posted here is intellectual work and under the current law, the poster owns the copyright of the article. Terms of Use Copyright © 2011 - 2017.

Content Disclaimer: This blog and its contents are provided "AS IS" with no warranties, and they confer no rights. Script samples are provided for informational purposes only and no guarantee is provided as to functionality or suitability. The views shared on this blog reflect those of the authors and do not represent the views of any companies mentioned.

Made with by Graphene Themes.