Understanding Active Directory

For example, imagine you need to change a user’s password on their user account and there are over 100 devices in the network – this can be very challenging. Within Microsoft Windows Server, you will find many roles and features that can be installed and configured to help IT professionals provide many services and resources to everyone on a network. One such service within Microsoft Windows Server is known as Active Directory. This is a directory service that helps IT professionals centrally manage the users, groups, devices, and policies within the organization. ...

November 24, 2025 · 5 min · 1003 words · 0x-s0M3n4th

Enumerating Active Directory

Power on your 4 machines: THE PUNISHER, THESPIDERMAN, WIN_2K22, KALI LINUX. Then make sure your THEPUNISHER machine can identify the local network; in my case it's MARVEL.local. Creating an Antivirus GPO on Windows Server 2022 (I made this inside Win 2019 previously). Use the following commands inside any Windows server: PS C:\Users\Administrator> New-GPO -Name "DisableAVGPO" | New-GPLink -Target "DC=MARVEL,DC=local" 4. Next, use the following commands to link the DisableAVGPO policy on the MARVEL.local domain: ...

November 24, 2025 · 5 min · 906 words · 0x-s0M3n4th

BloodHound

BloodHound is an Active Directory data visualization application that helps penetration testers to efficiently identify the attack path to gain control over a Windows Active Directory domain and forest. In addition, it helps with identifying the misconfigurations and relationships that could be exploited by threat actors. Furthermore, BloodHound uses graph theory to reveal hidden relationships within an Active Directory environment, thus making it easier for penetration testers to visualize privilege escalation paths. Overall, the data in Active Directory must be collected from the organization using a collector such as BloodHound-Python, SharpHound, or AzureHound. Once the data has been collected, it has to be processed by BloodHound, which provides the attack path to domain takeover within an organization. ...

November 24, 2025 · 3 min · 508 words · 0x-s0M3n4th

Leveraging Network-Based Trust in AD

While this section focuses on exploiting the trust of the Active Directory roles and services within a Windows environment, there are several types of attacks, such as pass-the-hash, that exploit the security vulnerabilities found within the protocols of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite. When we talk about TCP/IP, we are often referring to network-related technologies and devices. However, the protocols within TCP/IP can be found in the operating system and the applications running on a host device as well. ...

November 24, 2025 · 9 min · 1895 words · 0x-s0M3n4th