All courses
Resource hub
Featured resource
Tech Upskilling Playbook 2025
Tech Upskilling Playbook

Build future-ready tech teams and hit key business milestones with seven proven plays from industry leaders.

Learn more
Hamburger Icon
  • Path icon Learning Path
    • Libraries: This path is only available in the libraries listed. To access this path, purchase a license for the corresponding library.
  • Security
    •

Active Directory Exploitation

4 Courses
4 Labs
16 Hours
Skill IQ

The Active Directory Exploitation path covers attackers target, exploit, and abuse weaknesses in Active Directory (AD) environments to escalate privileges, gain unauthorized access, and move laterally within a network. This path explores techniques such as credential dumping, pass-the-hash, Kerberos ticket attacks (e.g., Golden and Silver Tickets), and leveraging misconfigurations for domain dominance.

Get started

Content in this path

Active Directory

Active Directory from recon to privilege escalation!

Course

Active Directory Recon and Enumeration

  • by Ricardo Reimao
  • 48m
  • Jan 13, 2025
Course

Active Directory Exploitation

  • by Chris Espinoza
  • 1h 29m
  • Mar 28, 2025
Course

Active Directory Privilege Escalation and Lateral Movement

  • by Ricardo Reimao
  • 41m
  • Mar 04, 2025

Active Directory Exploitation Labs

Hands-on exploitation labs!

Course

Getting Started in the Lab Environment

  • by Aaron Rosenmund
  • 6m
  • Oct 07, 2021
Lab

Active Directory Domain Access Takeover

  • by John Tear
  • 6h 5m
  • Aug 05, 2025
Lab

Active Directory Privilege Escalation

  • by John Tear
  • 5h 5m
  • Aug 05, 2025
Lab

Kerberoasting with Rubeus

  • by Sahil Gupta
  • 45m
  • Aug 04, 2025
Lab

Exploiting with BloodHound and Mimikatz

  • by Sahil Gupta
  • 1h
  • Aug 04, 2025
Try this learning path for free
Access this learning path and other top-rated tech content with a free trial.
Free individual trial Free team trial
Have questions? Get them answered now.
Start a live chat
Not sure where to start?
With over 500 assessments to choose from, you can see where your skills stand and receive adaptive learning recommendations to fill knowledge gaps in as little as 10 minutes.
Learn more

Learn with the best

Ricardo Reimao
Ricardo Reimao
Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.
Chris Espinoza
Chris Espinoza
I have been a technology consultant for more than twenty-five years, currently specialized in multicloud and hybrid environments, mainly in Azure and AWS. My areas of expertise focus on infrastructure and security as a support engineer, consultant and solutions architect. I have been teaching as a Microsoft Certified Trainer throughout my career. I currently live in Mexico City. Proud husband and father.
Aaron Rosenmund
Aaron Rosenmund
Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation. Leveraging his administration and automation experience, Aaron actively contributes to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community. As an educator & cyber security researcher at Pluralsight, he is focused on advancing cyber secur...
John Tear
John Tear
John Tear is a seasoned offensive security specialist with over two decades of dedicated experience in the field of IT security and 7 years in cybersecurity. Possessing the coveted OSCE3 certification, John is a recognized authority in the UK civil nuclear sector at identifying vulnerabilities, exploiting those vulnerabilities, and helping defenders to protect their infrastructure.
Sahil Gupta
Sahil Gupta
Sahil Gupta is a skilled cybersecurity professional with a focus on Product Security. Their expertise lies in implementing DevSecOps practices such as SAST, SCA, DAST, IAST, RASP, WAF, Cloud Native Security, and Supply Chain Security. With certifications including Certified Ethical Hacker (CEHv10), IBM Cybersecurity Analyst Professional, and Fortify DAST and SAST Certified Specialist, they excel in conducting comprehensive Penetration testing for Web and API applications. Renowned for their pro...

Join our learners and upskill
in leading technologies