<aside>
✨
Sections 1 and 2 should be studied in parallel.
</aside>
1. Foundation Building: Windows and PowerShell Basics
- Windows Fundamentals: Start by mastering basic Windows concepts, focusing on areas such as processes, services, file permissions, and user account control (UAC).
- PowerShell & CMD Basics: PowerShell is essential for Windows-based environments, allowing for script-based enumeration, automation, and exploitation within AD.
2. Core Active Directory Administration
- AD Administration Fundamentals: Understanding AD’s structure is essential before pentesting. Start with key concepts, including:
- Setting Up AD: Practice installing AD and configuring it with a few users, groups, and OUs.
- Domain and Forest Configuration: Learn to create domains, forests, and establish trust relationships.
- Group Policy Objects (GPOs): Understand GPOs and how they impact users and computers in the domain.
- User and Group Management: Practice creating users and groups, managing permissions, and configuring properties like Service Principal Names (SPNs).
- Delegation and Trusts: Study AD delegation, trust relationships, and permissions across domains.
- Recommended Resource:
3. Introductory AD Labs
- For hands-on learning, consider TryHackMe AD Labs or HTB’s AD Basics module.
- Post-Exploitation Fundamentals:
- Talk a sight about what been done within AD Pentest assessment.
4. Setting Up an AD testing environment
- TCM Security’s PEH Course:
- You can watch the free part published by TCM; the first 1 hour and 34 minutes should be enough.
- Lab Environments: Build your local lab to practice your new skills.
5. AD Enumeration And Attacks Techniques