Blog Posts and Goodies

Blogs

• ADSecurity - Tons of red teaming and active directory resources

• BadSectorLabs - Updated weekly with attack techniques and tooling

• Mubix - Mubix's blog. Details attacks and research

• SpecterOps - Specter Op's blog. New research and detailed exploitation

• BishopFox - Bishop Fox's blog has tons of different resources! Topics such as red teaming, breaking into the industry, etc.

• TrustedSec - TrustedSec's blog. One of my favorites, tons of good information here

• BlackHillsInfoSec - Blackhills' blog. Lots of different attacks and techniques detailed here

• mr.d0x - Causal Red Team & Security Research Notes from mr.d0x

Blog Posts

• Lateral_Movement_Tips_and_Tricks

• Attack_Methods_for_Gaining_Domain_Adin_Rights_in_Active_Directory

• Practical_Usage_of_NTLM_Hashes

• Mitigations_for_LSA_Credential_Exposure

• Red_+Blue=_Purple

• SMI_Protocol_and_why_Nessus_is_wrong

• Internal_Pivot_Network_Enumeration_&_Lateral_Movement

• EyeWitness_and_why_it_Rocks

• Attack_Microsoft_Exchange_Web_Interface

• GoPhish_with_SendGrid

• Finding_Buried_Treasure_in_Server_Message_Block

• Top_Five_Ways_I_Got_Domain_Admin

• A_Complete_Guide_to_Perform_External_Penetration_Testing

• How_I_Learned_to_Love_AD_Explorer

• NTLM_Relaying_via_Cobalt_Strike

• NTLM_Relaying_to_AD_CS

• Phish_for_User_Passwords_with_PowerShell

• Pushing_Your_Way_In

• Password_Spraying_Outlook_Web_Access

• Practical_Guide_to_NTLM_Relaying

• Finding_Buried_Treasure_in_SMB

• Tips_for_Pentesting_a_PCI_Environment

• Top_16_Active_Directory_Vulnerabilities

• Post_Exploitation_Windows_commands

• Shadow_Credentials_Workstation_Takeover_Edition

• Hiding_Behind_the_Front_door

• Attacking_Active_Directory:_0_to_0.9

• Windows_Lateral_Movement_with_SMB_Psexec_and_Alternatives

• Web_Shells_101_Using_PHP

Checklists

• A_Primer_on_DCSync_Attack_and_Detection

Mindmaps

• Internal_Network_Pentest_Mindmap

Quick References

• Dumping_and_Cracking_mscash

• Force_NTLM_Privileged_Authentication

Tool Lists

• Al1ex Pentest Tools

Wikis

• Vincent_Yiu_Red_Team_Tips

• HackTricks

• LOLBAS

• GTFOBins

• WadComs

• iRedTeam

• Pentest_Wikipedia

• Active_Directory_Exploitation_Cheatsheet

• Book_of_Secret_Knowledge

• PayloadAllTheThings

• Penetration_Testing_Framework

• Windows_Priv_Esc_Guide

• Attacking_and_Securing_Active_Directory

• The_Hacker_Recipes

Methodologies

• PenTest_Methodology_2020

• PenTesters_Promiscuous_Notebook

• Internal_Pentest_Playbook

• Pentest_Compilation

• Pentest-Guide