Domain Controller

Blog Archive Tag

the exploit blog logo
The Exploit: Penetration Testing Insights From The Frontlines
Domain Controller
  • AD Series: Resource Based Constrained Delegation (RBCD) Exploits
    ,

    AD Series: Resource Based Constrained Delegation (RBCD) for Penetration Testing

     By Andrew Trexler Exploit msDS-AllowedToActOnBehalfOfOtherIdentitity to gain administrative access in a Resource Based Constrained Delegation (RBCD) attack on penetration tests. March 12, 2024
  • AD Series: Active Directory Certificate Services (ADCS) Exploits Using NTLMRelayx.py
    ,

    AD Series: Active Directory Certificate Services (ADCS) Exploits Using NTLMRelayx.py for Penetration Tests

     By Andrew Trexler Andrew Trexler ran into issues with certipy when testing on port 443 and found that NTLMRelayx.py worked better in for those ADCS Exploits on penetration tests. January 23, 2024
  • Active Directory Certificate Services (ADCS) Misconfiguration Exploits
    ,

    AD Series: Active Directory Certificate Services (ADCS) Misconfiguration Exploits for Penetration Tests

     By Andrew Trexler Andrew Trexler adds to his AD series with a tutorial of Active Directory Certificate Services (ADCS) misconfiguration exploits for penetration tests. August 10, 2023
  • Broadcast Attacks - Responder
    , ,

    AD Series: How to Perform Broadcast Attacks Using NTLMRelayx, MiTM6 and Responder for Penetration Tests

     By Andrew Trexler Andrew Trexler continues his AD Series with an in-depth tutorial on broadcast Attacks using NTLMRelayx, MiTM6 and Responder for penetration tests. June 19, 2023
  • How to Create an Active Directory Test Environment
    , , ,

    How to Create an AD Test Environment to Use for Penetration Testing

     By Andrew Trexler Andrew Trexler walks us through creating a simple AD test environment to test new hacks before trying them on a penetration test. April 27, 2023