
Active Directory

Active Directory is a directory service and identity management system used in Windows networks to centralize and manage resources like users, computers and printers. It plays a critical role in authentication, authorization and directory services. Active Directory enumeration involves gathering information about the Active Directory environment using tools like PowerShell, Net Command, LDAP tools and BloodHound to understand the network structure and discover vulnerabilities.

Active Directory

• Active Directory (AD) is a directory service and identity management system developed by Microsoft.
• It is primarily used in Windows-based networks to centralize and manage network resources, including users, computers, printers, and other network-connected devices.
• Active Directory plays a critical role in authentication, authorization, and directory services, making it an essential component in many organizations' IT infrastructures.
• Active Directory is a directory service, which means it stores information about network resources in a structured and hierarchical manner.
• Active Directory provides authentication services, ensuring that users and devices are who they claim to be before granting them access to resources.

Active Directory Enumeration
• Active Directory Enumeration is a process of gathering information about an Active Directory environment.
• It's a crucial step for both administrators and potentially malicious actors (hackers) as it helps them understand the network structure, discover vulnerabilities, and plan their actions.
• Enumeration may involve:
  - Enumerating Users and Groups
  - Enumerating Computers and Servers
  - Enumerating Shares and Permissions
  - Enumerating Domain Controllers

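The four enumeration categories above, written as a read-only inventory an administrator can run to see what the directory exposes and which entries need cleanup. This is an added example, not part of the original document; it assumes the ActiveDirectory PowerShell module (RSAT) is installed, that the privileged group carries the default English name "Domain Admins", and that 90 days is the staleness threshold.

```powershell
# Added example: read-only audit of what AD enumeration reveals.
# Assumptions: ActiveDirectory module available, default group names, 90-day cutoff.
Import-Module ActiveDirectory

$staleCutoff = (Get-Date).AddDays(-90)

# Users and groups: enabled accounts with non-expiring passwords or no recent logon.
# A null LastLogonDate (never logged on) also compares as older than the cutoff.
$riskyUsers = Get-ADUser -Filter 'Enabled -eq $true' -Properties PasswordNeverExpires, LastLogonDate |
    Where-Object { $_.PasswordNeverExpires -or $_.LastLogonDate -lt $staleCutoff } |
    Select-Object SamAccountName, PasswordNeverExpires, LastLogonDate

# Effective membership of a privileged group, nested groups expanded.
$domainAdmins = Get-ADGroupMember -Identity 'Domain Admins' -Recursive |
    Select-Object SamAccountName, objectClass

# Computers and servers: operating system and whether the account looks abandoned.
$computers = Get-ADComputer -Filter * -Properties OperatingSystem, LastLogonDate |
    Select-Object Name, OperatingSystem, LastLogonDate,
        @{ Name = 'Stale'; Expression = { $_.LastLogonDate -lt $staleCutoff } }

# Domain controllers: where they sit and what role each one holds.
$domainControllers = Get-ADDomainController -Filter * |
    Select-Object HostName, Site, OperatingSystem, IsGlobalCatalog, IsReadOnly

# Shares and permissions on the local server: non-administrative shares that
# grant access to broad principals.
$broadPrincipals = 'Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users'
$openShares = Get-SmbShare -Special $false |
    ForEach-Object { Get-SmbShareAccess -Name $_.Name } |
    Where-Object { $_.AccessControlType -eq 'Allow' -and $_.AccountName -in $broadPrincipals } |
    Select-Object Name, AccountName, AccessRight

# Print each section with its item count.
$report = [ordered]@{
    'Risky user accounts'   = $riskyUsers
    'Domain Admins members' = $domainAdmins
    'Computer accounts'     = $computers
    'Domain controllers'    = $domainControllers
    'Broadly shared folders' = $openShares
}
foreach ($section in $report.GetEnumerator()) {
    "== $($section.Key): $(@($section.Value).Count) =="
    $section.Value | Format-Table -AutoSize | Out-String
}
```

The share check covers only the server the script runs on; the other sections query the domain.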
Tools for Active Directory Enumeration & Exploitation:
• PowerShell:
  - PowerShell is a powerful scripting language in Windows that can be used to query and interact with Active Directory.
  - There are various PowerShell modules, such as Active Directory Module, that facilitate AD enumeration and management.
• Net Command:
  - The "net" command in Windows provides various functionalities for enumerating users, groups, shares, and other AD-related information.
• LDAP Enumeration Tools:
  - LDAP (Lightweight Directory Access Protocol) enumeration tools like ldapsearch can be used to query AD for information about users, groups, and other directory objects.
• Enum4linux:
  - Enum4linux is a Linux-based tool for enumerating information from Windows machines, including information related to the Active Directory domain, shares, and more.
• BloodHound:
  - BloodHound is a popular tool for analysing and visualizing Active Directory trust relationships and permissions.
  - It helps identify attack paths and potential security issues.
• Mimikatz:
  - A tool that can extract plaintext passwords, hashes, tickets, and keys from Windows systems.
  - It can also perform pass-the-hash, pass-the-ticket, overpass-the-hash, and other credential theft and reuse attacks.

Practical
Hack The Box – Dancing Machine
