Windows Pentest Tutorial (Active Directory Game Over!)

@david what did the sysadmin did wrong in the installation of xammp?

Muy bueno!

WOW, very nicely done

awesome presentation and demo. David and Remi

Hi David. I find your videos very informational, and this one is so far "the best." Thanks for interviewing one of my country men. This presentation scares me :( Am for sure going to make a call to Remi

Better to roll your own LSASS dumper.

Thanks David & Remi, this is probably the best demo on AD hacking, I will watch this repeatedly until I get good grasp of AD hacking.

Thanks David for a great channel. From Cyber security, hacking, pen testing, networking … all in one. Also thanks to Remi for the excellent demo

Great stuff. Thanks @David for make this happen. I need to re-watch and take more notes. Thank you!!

Good piece of information, it gives us great tips to protect ADs. Bring him for more topics maybe exploiting some Cloud IAMs (Azure AD, Okta etc)

Amazing video and demo! One of the best explanations on Golden Ticket exploitation I've seen. Thanks

Sheesh David, I appreciate the questions but who in their right mind would be attempting to pentest Windows without knowing the difference between Domain Admin and Local Admin.. lol. Sorry, I just feel like that kind of slows down the pace of the video.

GREAT video!!! Thank you for the content.

if I wasn't broke I'd tip this video but doesn't look like you would need it 🤑

I watched this video and immediately went and checked like 20 files on various systems. LOL. Good wake-up for anyone that might not be thinking about these attacks.

sophos antivirus always in the way brothers

What a great video! Super interesting!

Thank you very much for this sir.

It's time to start renaming the Guest accounts to Jeff

Mimikatz doesn’t work well on client machine without full privileges!

How do we get these simulated labs to practice

Brilliant video, and brilliant explanations all round. Just out of curiosity if a golden ticket file did fall into the wrong hands, would it be traceable to whoever created it?

This vid is brilliant, Remy explained things so well and David you asked the questions popping right into my mind. Great job! Thanks!

Eye opening video... Didn't know there is so many open holes in the active directory

awesome sauce. Thank you!

Really amazing

Awesome Video, I'd love to see more like this!!

Very indepth and intriguing video. I'd like to see Remy provide more explanations to OffSec practices and again, with he explanations.

What about caylx institute for isp?

High valuable content. Looking forward for more stuff like this. Thank you 👍

GOLDEN TICKET of an explanation Remi was amazing

Good stuff David - inside the mind of Remi ;)

But you also need to tell people that pentesting AD environments is not that easy, it involves so much more than that, this is a very basic pentest that u can only find in CTF machine and very rare to see in a real life environments.

This vid is a gem, and Remi is a breath of fresh air. Great explains along the way, but not too much to put off viewers with reasonable knowledge in some areas. More id definitely required from you guys if possible. Never change Remi, people who work with you must love it!!

Great video.

Thank you so much this is the video I have always been wanted the full pentest from initial access to lateral movement, escalation and persistence. Pretty much the whole package. Great stuff.

Amazing, I have been sysadmin for a long time, this is scary stuff, I did notice antivirus was not enabled and would also need to be bypassed before mimikatz could be run, but as in all things that's a whole other video that probably should not see the light of day 😂

Awesome video

Great demo! Very informative for system administrators on things to look out for in the environment.

The Kerberos ticket lifetime of 10 years explains some weirdness I encountered at work recently where the Kerberos ticked had expired for some accounts.

If you penetrate a system and gain domain admin right - change the background image on every account with a nice little message.

nice but that powershell command can't work in my laptop even i did everthing as he did

@Rational Bushcraft I don't see a link to the commands either.

Hello, hope you are doing good, please where is the command lines github page or source as you said before the start of the penstest, thank YOU.

Right

"muh names jeff" LMAO

Really great video and full of good information. I appreciate you both for taking the time to explain this and upload this video, thank you !!!

I have a question- Agreed that user credentials were stolen and rdp is being used now. But how do we get into the network? Unless we get into the corp network there is no way rdp would work. Or am I missing something?

"my name is Jeff" 🤣
this tutorial was amazing. So how do you protect against these attacks? solution?