Does this skill help with Kerberos-based attacks?

Yes, it includes detailed instructions for Kerberoasting, AS-REP Roasting, and ticket-based attacks like Golden and Silver Tickets.

What tools are covered in this Active Directory skill?

The skill provides command references and workflows for industry-standard tools including BloodHound, Impacket, Mimikatz, Rubeus, and CrackMapExec.

Are specific CVE exploits included?

The skill covers several critical Active Directory vulnerabilities, including ZeroLogon (CVE-2020-1472), PrintNightmare (CVE-2021-1675), and samAccountName spoofing.

Why is clock synchronization important in this context?

Kerberos authentication requires precise time synchronization (usually within 5 minutes) between the attack platform and the Domain Controller to function correctly.

Active Directory Penetration Testing

Name: Active Directory Penetration Testing
Author: zebbern

byzebbern

•

2,883

安全与测试

Provides comprehensive methodologies and command workflows for assessing security vulnerabilities within Microsoft Active Directory environments.

关于

The Active Directory Attacks skill equips security professionals and red teams with a structured framework for identifying, enumerating, and exploiting misconfigurations in Windows domains. It covers the full attack lifecycle, from initial reconnaissance and Kerberos clock synchronization to advanced techniques like DCSync, Golden Ticket forgery, and NTLM relay. By consolidating documentation for essential tools such as Impacket, BloodHound, and Mimikatz, this skill enables efficient identification of attack paths and privilege escalation opportunities during authorized security audits.

主要功能

Lateral movement and domain dominance strategies for red team operations
Automated AD reconnaissance patterns using BloodHound and PowerView
Exploitation workflows for critical vulnerabilities like ZeroLogon and PrintNightmare
Credential extraction techniques using Mimikatz and DCSync
Detailed Kerberos exploitation including Kerberoasting and AS-REP Roasting
2,883 GitHub stars

使用场景

Auditing Active Directory for common misconfigurations and privilege escalation paths
Executing professional internal network penetration tests and security assessments
Simulating sophisticated adversary techniques for security research and training

关于

主要功能

Lateral movement and domain dominance strategies for red team operations
Automated AD reconnaissance patterns using BloodHound and PowerView
Exploitation workflows for critical vulnerabilities like ZeroLogon and PrintNightmare
Credential extraction techniques using Mimikatz and DCSync
Detailed Kerberos exploitation including Kerberoasting and AS-REP Roasting
2,883 GitHub stars

使用场景

Auditing Active Directory for common misconfigurations and privilege escalation paths
Executing professional internal network penetration tests and security assessments
Simulating sophisticated adversary techniques for security research and training