---------------------------------------------resources-------------------------------------------
GPOAbuse script : https://github.com/Hackndo/pyGPOAbuse
------------------------------------------------------------------------------------------------------------
GPO enumeration | attacking active directory
The content in this video is for educational purposes only. We do not promote or condone any illegal activity or hacking without the expressed
written consent of the target. Any actions taken by viewers based on the content of this video is solely at their own risk and we will not be held
liable for any damages or legal consequences that may arise.
From Theory to Practice: Hacking Active Directory with Kerberos
attacking active directory for beginners hackthebox
attack active directory for beginners hackthebox
GPO enumeration | attacking active directory
group policy enumeration
attacking active directory for beginners with hackthebox #0
Hello everyone, Group Policy Objects (GPOs) are often overlooked when attacking Active Directory, but they can hold potential attacks that can escalate privileges on the target machine. In this video, we will cover the basics of GPOs, including how they work, why they are important, and demonstrating how to create an attack path that grants full control to a regular user on a GPO, providing the ability to execute commands as an administrator. #pentesting. #pentesting #pentest #redteaming #cybersecurity #hacking #activedirectory #GPOs #enumeration
--------------------------------MENU--------------------------------
00:00 intro
00:35 - what are GPOs ?
01:12 - what is an OU ?
01:37 - create a user and a group
02:10 - explain GPO on the DC
03:14 - create the testGPO
04:08 - authenticate as the testuser
04:30 - enforcing GPOs and block inheritance
05:11 - create an attack path
06:25 - switch to the fsmith shell
06:45 - enumerating the badGPO
08:24 - exploiting the badGPO
09:40 - check the scheduled task that has been created
10:10 - check if fsmith is member of administrators
---------------------------------------------------------------------------------
account.activedirectory.windowsazure,bloodhound,crackmapexec,smbmap,gpo active directory,smbclient,rpcclient,active directory, pentesting, penetration testing, hacking, cybersecurity, kerberos, CTF, Hackthebox, enumeration, username enumeration, password cracking, brute-force, dictionary attack, rainbow table, Windows authentication, authentication protocol, Windows security, network security, ethical hacking, red team, blue team, cyber defense, cyber offense, cyber attacks, cyber threats, cybercrime, cybersecurity training, IT security, information security, cyber risk, vulnerability testing, exploit development, exploit techniques, privilege escalation, lateral movement, Active Directory attacks, AD security, AD exploitation, network penetration testing, network security testing, vulnerability assessment, security assessment, ethical hacking tutorial, cybersecurity tutorial, cybersecurity education, cybersecurity skills, cybersecurity certification, cybersecurity career, cybersecurity jobs, IT jobs, IT career, cybersecurity industry, cybersecurity trends, cybersecurity news, cybersecurity best practices, cybersecurity tools, cybersecurity software, cybersecurity framework, cybersecurity standards, cyber law, data privacy, compliance, regulatory compliance, industry compliance, security compliance, information security management, cybersecurity risk management, cybersecurity strategy, cybersecurity planning, cybersecurity framework, security architecture, cyber resilience, incident response, threat intelligence, security operations center, security analyst, penetration tester certification, ethical hacking certification, cybersecurity certification, security certification, IT certification, online cybersecurity training, online ethical hacking training, online security training, active directory training, group policy objects,GPO,GPOs
Информация по комментариям в разработке