Red Team Fundamentals for Active Directory

---

Course Description

The Red Team Fundamentals for Active Directory course is an 8-hour class focused on explaining the fundamentals of Active Directory and how different aspects can be exploited when performing penetration tests. The goal is not only to cover different attacks but also explain the details of why they work and how an environment can be made resilient to them and potentially detect malicious activity. This combination opens the course to those looking to hone their offensive skills as well as those who are protecting an enterprise network.

The course mixes lecture with a number of hands-on exercises to reinforce the information and techniques. The activities will cover ways to examine an Active Directory environment, looking for a variety of misconfigurations that are commonly seen in Active Directory implementations (even by some security conscious entities), and then exploit these issues to pivot and escalate our access. Ultimately, the students will gain full control of an AD Forest.

While in class, students will be provided access to a lab containing realistic targets and tools to learn both the attacks and defenses of Active Directory. This environment enables the attendees to understand how the covered techniques are used in the real world.

---

Topics/Agenda

• Introduction
• Active Directory Concepts & Exploitation
  • Forests, Domains, and Domain Controllers
  • Attributes and Data Replication
  • OUs and ACLs
  • Group Policy Objects
  • Authentication Protocols
  • Boundary between Windows systems and Active Directory
  • Trusts

Who Should Take This Course

Anyone

Student Requirements

While attendees don’t necessarily need any prior security experience to take this course, they will get the most out of it with a basic grasp of the following:

• Windows Operating Systems
• PowerShell

What Each Student Should Bring

A laptop with internet access

---

Course Instructor