In this course, we cover the ADRecon tool, which allows you to extract valuable information from the Active Directory, including users, security groups, computers, security policies, and even Kerberos tickets.
The Active Directory of a company is a valuable source of information for a red team specialist. In there, you can find information about the users, computers, and even security policies. In this course, Discovery with ADRecon, you will learn about ADRecon, developed by Prashant Mahajan, which enables red team specialists to generate interesting reports from the Active Directory of a target company. First, you will discover the importance of the Active Directory data in a red team engagement and how this data can help you in further attacks. Then, you will see how to use ADRecon tool to extract data from your client’s Active Directory and generate a complete report about the environment. Finally, you will explore how to perform a Kerberoast attack using the ADRecon tool, in which you will gather hashed credentials from the Active Directory and crack them using Hashcat. When you are finished with this course, you will have the skills and knowledge to extract valuable information from the AD and plan your next attacks. This course covers five important tactics from the MITRE ATT&CK Framework: Password Policy Discovery (T1201), Permission Groups Discovery (T1069), Account Discovery (T1087), Data from Information Repositories (T1213) and Kerberoasting (T1208).
Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.
Course Overview Hey there, welcome to Pluralsight. In this cybersecurity tools course, you'll learn how to discover information from Active Directory using the ADRecon tool. In a red team engagement, after getting initial access to a machine, one of your main objectives is to gather information about the environment so you can move laterally and escalate your privileges. The ADRecon tool helps you to extract a lot of valuable information from Active Directory so then you can plan and execute your next attacks. So, whether you're trying to escalate your privileges in a red team engagement, or just planning to audit your own Active Directory, join me in learning how to gather information from Active Directory using the ADRecon tool, here at Pluralsight.