III. Domain Privilege Escalation

Learn to find credentials and sessions of high privileges domain accounts like Domain Administrators, extracting their credentials and then using credential replay attacks to escalate privileges, all of this with just using built-in protocols for pivoting.
Learn to extract credentials from a restricted environment where application whitelisting is enforced. Abuse derivative local admin privileges and pivot to other machines to escalate privileges to domain level.
Understand the classic Kerberoast and its variants to escalate privileges.
Enumerate the domain for objects with unconstrained delegation and abuse it to escalate privileges.
Find domain objects with constrained delegation enabled. Understand and execute the attacks against such objects to escalate privileges to a single service on a machine and to the domain administrator using alternate tickets.
Learn how to abuse privileges of Protected Groups to escalate privileges

Last updated 4 years ago

Was this helpful?

Learn to find credentials and sessions of high privileges domain accounts like Domain Administrators, extracting their credentials and then using credential replay attacks to escalate privileges, all of this with just using built-in protocols for pivoting.
Learn to extract credentials from a restricted environment where application whitelisting is enforced. Abuse derivative local admin privileges and pivot to other machines to escalate privileges to domain level.
Understand the classic Kerberoast and its variants to escalate privileges.
Enumerate the domain for objects with unconstrained delegation and abuse it to escalate privileges.
Find domain objects with constrained delegation enabled. Understand and execute the attacks against such objects to escalate privileges to a single service on a machine and to the domain administrator using alternate tickets.
Learn how to abuse privileges of Protected Groups to escalate privileges

Last updated 4 years ago

Was this helpful?