Adversary Perspectives - Active Directory
Important
After reading the material, use the following resources to prepare for your specific delivery:
Windows and Active Directory
The focus for this course is Window and Microsoft Active Directory. Active Directory Security Fundamentals will teach you many of the basic concepts of Active Directory and Kerberos with a focus on security and identifying misconfigurations. If this is your first time with these concepts, we recommend reviewing these resources prior to the course delivery.
- Sean Metcalf’s ADSecurity Blog
- Microsoft Kerberos Authentication Overview
- Active Directory Attack and Defense
- BloodHound
LDAP
There is a heavy focus on LDAP and constructing LDAP filters in both the lectures and labs. LDAP concepts will be explained to students, but as it can be complex, we recommend the following resources to get started:
- Active Directory: LDAP Syntax Filters - https://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx
- LDAP Filters - https://ldap.com/ldap-filters/
- Introduction to LDAP Filters (attacker focused) - https://posts.specterops.io/an-introduction-to-manual-active-directory-querying-with-dsquery-and-ldapsearch-84943c13d7eb
Course Caveats
- This is a security focused Active Directory Fundamentals course
- There are some concepts which are not covered
- Microsoft Active Directory is all that is covered
- The labs are artificial environments
- Exceptions and outliers for special AD circumstance is not covered