VAR_PenTesting

Pen Testing Active Directory Environments

Our free step-by-step Ebook will show you all the tools and tactics that hackers use to leverage AD in post-exploitation.

Have you ever pen tested your Active Directory environment?

Hackers have known for a long time that Active Directory is a very rich source of metadata that can be used to accelerate the post-exploitation process.

Want to learn all the tools and tactics that they use to leverage AD in post-exploitation?

We'll explain how crackmapexec, PowerView, and a little graph theory can be used to ferret out vulnerabilities in your Active Directory environments before hackers find them.

What's covered...
  • Crackmapexec and PowerView
  • Getting Stuff Done With PowerView
  • Chasing Power Users
  • Graph Fun
  • Admins and Graphs
  • The Final Case
And more!

Trusted By

FAQ Frequently Asked Questions

  • Won't pen testing bring down my system?

    Nope! Some of the most interesting pen testing can be accomplished by passively gathering information. The more
    you know about your environment — IP addresses, computer names, users and especially admin accounts,
    as well as where sensitive content is likely to reside — the better position you’re in.
  • Do I need to hire a pen tester?

    Nope! Instead of bringing in pen testers, the internal IT groups can in theory do the analysis and risk reduction involving
    Active Directive vulnerabilities. The goal for IT is to juggle Active Directory users and groups into a configuration
    that greatly reduces the risk of hackers gaining user credentials and stealing valuable IP and consumer data
    (credit card numbers and passwords).
  • This looks awesome but I don't have the bandwidth - can you help?

    Yes! A personalized risk assessment will help you discover where you’re vulnerable and highlight real security issues.