

When we perform an Active Directory Security Assessment for customers, we review all of the data points listed in this post, including the privileged groups and the rights associated with them. We do this by fully interrogating Active Directory, mapping the associated permissions to rights, and associating these rights with the appropriate groups (or accounts). This post details how privileged access is delegated in Active Directory and how best to discover who has what rights and permissions in AD.


I covered ways to enumerate permissions in AD using PowerView (written by Will) during my Black Hat & DEF CON talks in 2016, from both a Blue Team and Red Team perspective. Active Directory Recon is the new hotness since attackers, Red Teamers, and penetration testers have realized that control of Active Directory provides power over the organization.
