Hi! good video! i have a question, if i disable llmnr in all domian PCs, netbios, signing req allways, response only ntlmv2, shared folders off (all PCs), disable cmd, powershell to users, rdp off, win updates cuarenta, AV and ids/ips utm on all cross vlans. It's posible to do this pentest? thanks!! regards
Probably DC dont have all patches , and u can execute zerologon ! :) and exploit that ! Also you can search for missconfiguration in Service Accounts , and try password spraying, bruteforce , etc . Dump ldap with bloodhunt to have more details about the DC.
![[Attack]tive Directory: Compromising a Network in 20 Minutes Through Active Directory](http://i.ytimg.com/vi/MIt-tIjMr08/mqdefault.jpg)
![I.N "HALLUCINATION" | [Stray Kids : SKZ-PLAYER]](http://i.ytimg.com/vi/n5B5q1Hwt_U/mqdefault.jpg)
Great walkthrough.
I can't stand MGK but love the video dude! Very cool!
😂😂 thanks so much! We can't judge Russell's music taste but at least the tech is good 😉
Thank you so much for the Video do you have the text transcript of the video?
Please make more vd for advanced techniques red team and make server Discord good work
does it still work nowadays?
Once you have domain
Admin can the user know who you are ?
Can you tell how to set up domain controller?
This is a brilliant resource to setup an Active Directory lab.
ruclips.net/video/xftEuVQ7kY0/видео.html
Thanks Bro,, Do we need to upload mimikatz to the victim PC win10 ? or its running on kali as windowsVM .
Should it be very high priority for NTLM to be disabled or is patching enough to prevent any exploit?
Hi! good video! i have a question, if i disable llmnr in all domian PCs, netbios, signing req allways, response only ntlmv2, shared folders off (all PCs), disable cmd, powershell to users, rdp off, win updates cuarenta, AV and ids/ips utm on all cross vlans. It's posible to do this pentest? thanks!! regards
Probably DC dont have all patches , and u can execute zerologon ! :) and exploit that ! Also you can search for missconfiguration in Service Accounts , and try password spraying, bruteforce , etc . Dump ldap with bloodhunt to have more details about the DC.
Dude , can i know which is the CA server ? because i can enum the DC-AD , but i never know there is a CA server :/
You domain admin????
Are you domain hacker