Skip to content
PwnDefend
  • Base
  • Comms Room
    • Customer Feedback
    • Company Information
    • Security Management
  • Services
    • Consulting Services
      • Enterprise Security Posture Assessment
      • Cyber Security Assurance & Security Testing Services
      • IT Security Healthchecks
      • Active Directory Assessment Services
      • Managed Remediation Services
    • Emergency Cyber Incident Response Support
    • Our Success Stories
    • Partner Services
  • Blog
  • Privacy
Defense

Post Compromise Active Directory Checklist

Nuke it from orbit, it’s the only way to be sure!

Ok, in an ideal world you can re-deploy your entire environment from scratch, but back in the most people’s real world’s that’s not that simple. So, what do we do if we can’t nuke from orbit in a post compromise situation? Well, we need to clean up! This isn’t an exhaustive list, not a total guide. it’s a quick list to make you think about some key common areas and actions that might need to be taken! after all if someone got r00t, who knows what they did! (trust me, most orgs monitoring is a bit naff!)

Read more “Post Compromise Active Directory Checklist” →
Guides

Rapid Active Directory Security Testing of Windows Server 2022…

Introduction

Ever needed to test active directory in a hurry? Well, here’s some common commands to test active directory domain services. In this post today we are going to focus on DNS and username enumeration, there are however a range of weaknesses you want to look for:

  • SMB Null Session/Guest Access
  • LDAP Null Bind
  • Sensitive Information Disclosure
  • Weak Password Policies
  • Unpatched Software Vulnerabilities

Active Recon

Port Scanning and Service Fingerprinting

nmap -p- -sC -sV -Pn -v -A -oA ecorp.local.txt 192.168.1.22

Text Description automatically generated

Text Description automatically generated

Domain Name and Domain Controller Enumeation

Read more “Rapid Active Directory Security Testing of Windows Server 2022 and Kali Linux” →

CTF

How to enable NULL Bind on LDAP with Windows…

History of NULL bind

Back in the early Active Directory days NULL bind was actually enabled by default, these days you can get a rootDSE NULL bind out of the box but on Windows Server 2019 you can even disable this!

So why would I want to enable NULL bind? Well, some legacy apps may need it but generally speaking you don’t want NULL bind enabled.

The lesson here is DO NOT copy what I am doing here! Simples! Read more “How to enable NULL Bind on LDAP with Windows Server 2019” →

Recent Posts

  • Why is security so hard?
  • Virtual Desktop Infrastructure (VDI) & Cyber Essentials
  • Technology in the Wild
  • CrackMapExec (CME) on Windows
  • Ransomware + Mega = Mega Cyber Pain

Recent Comments

No comments to show.

Archives

  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • March 2020
  • February 2020
  • January 2020
  • October 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018

Categories

  • Architecture
  • Breach
  • Company News
  • CTF
  • Defence
  • Defense
  • Education
  • Guides
  • Hacking
  • Leadership
  • News
  • OSINT
  • Reviews
  • Strategy
  • Threat Intel
  • Uncategorized
  • Vulnerabilities
Copyright (c) Xservus Limited
Theme by Colorlib Powered by WordPress