Welcome to the Active Directory Attacking section of my pentesting writeups.
Here, you'll find detailed guides, methodologies, and tools that I've used for performing attacks on Active Directory (AD) environments.
This directory is dedicated to sharing knowledge, techniques, and experiences related to Active Directory security testing.
GOAD (Game of Active Directory) is a lab environment specifically designed for practicing Active Directory attacks.
There are different types of GOAD labs. I have worked on the full GOAD lab, which has a total of 5 VMs, 2 forests and 3 domains.
Here's what you can find:
- So far, there are writeups on attacking Active Directory using Game of Active Directory (GOAD), which is installed on Ludus.
This document is a structured walkthrough of the GOAD (Game of Active Directory) lab. It follows a typical red team kill chain approach:
- Reconnaissance
- Initial Access
- Credential Access
- Privilege Escalation
- Golden Ticket
- ADCS and Delegation
- Bonus - Sliver
Please note:
- Use at your own risk: These techniques are for educational purposes in a controlled environment. Unauthorized penetration testing or hacking can be illegal.
- Ethical Use: Always ensure you have explicit permission to test systems you do not own.
For questions, suggestions, or if you want to collaborate on AD security projects, reach out to me:
- Email: [halilberishaa@gmail.com]
- BlueSky: [@halilberisha.bsky.social]
- LinkedIn: [@halilberisha]
