12. Active Directory Attacks and Defence
Active Directory is the #1 target in enterprise attacks. This mind map covers how adversaries exploit AD and the specific hardening controls that stop them.
Topics Covered
- Kerberoasting and AS-REP Roasting
- Pass the Hash / Pass the Ticket
- Golden Ticket and Silver Ticket
- DCSync attack
- BloodHound enumeration
- Lateral movement: WMI, PSExec, RDP
- Tiered admin model and PAW
- Microsoft Defender for Identity
- Protected Users group