Visit official github page
Certified Red Team Professional (CRTP) - Notes

ℹ️0 - Course Summary

Topics

  1. Active Directory (AD)

  2. PowerShell

  3. AD Enumeration

  4. Trust and Privileges Mapping

  5. Local Privilege Escalation

  6. Credential Replay Attack (Over-PTH, Token Replay, etc.)

  7. Domain Privilege Escalation

  8. Dumping System and Domain Secrets

  9. Kerberos Attack and Defense (Golden, Silver tickets and more)

  10. Abusing Cross Forest Trusts

  11. Delegation Issues

  12. Persistence Techniques

  13. Abusing SQL Server Trusts in an AD Environment

  14. Detecting Attack Techniques

  15. Defending an Active Directory Environment

  16. Bypassing Defenses

Scope of Lab

Subnet range (only on course lab) -> 172.16.1.0/24 - 172.16.17.0/24

Everything else in not in scope.

PowerShell

Powershell provides access to almost everything in a Windows platform and Active Directory Environment.

It's based on .NET framework and is integrated with Windows OS.

We'll use it to interpretate attacker methodologies and running powerful scripts.

Resources

LogoActive Directory Domain Services Overviewdocsmsft

❗ Disclaimer

Never use tools and techniques on real IP addresses, hosts or networks without proper authorization!

PreviousCertified Red Team Professional (CRTP) - NotesNext1️⃣ 1 - Active Directory (AD)

Last updated