TTPwire Vol. 1 · MITRE ATT&CK·Tagged

Black Hills InfoSec

Domain Goodness – How I Learned to LOVE AD Explorer

BHIS · 2017-05-15

ATT&CK techniques detected

3 predictions
T1087.002 Domain Account (99%)
"domain goodness – how i learned to love ad explorer domain goodness – how i learned to love ad explorer or how to pentest with ad explorer! mark russinovich’s sysinternals tools (microsoft) are nothing new. they have been a favorite among system administrators for many, many …"

T1589.002 Email Addresses (48%)
"tricks added may 2018!! use ad explorer to assist with phishing ruses. if you want to send targeted phishing emails to a particular group from an external email address, you can query ad for distribution groups that allow mail from external sources. the attribute msexchrequireaut…"

T1087.002 Domain Account (44%)
"and grab their credentials from memory. that would typically be a pretty privileged account as well. there may be other attributes with interesting information as well, such as the “info” attribute. in the example below, we show an ad record from a real test. the data is redact…"

Summary

Sally Vandeven // OR How to Pentest with AD Explorer! Mark Russinovich’s Sysinternals tools (Microsoft) are nothing new. They have been a favorite among system administrators for many, many years. […]

The post Domain Goodness – How I Learned to LOVE AD Explorer appeared first on Black Hills Information Security, Inc.