
Active Directory Pentesting and Security 

Active Directory Pentesting and Security is a foundation training on pentesting and defending on-prem Active Directory environments.
Today, most enterprise networks are managed using Windows Active Directory, and a security professional must understand the critical threats to the Windows infrastructure.
The Active Directory Pentesting and Security training is designed to help security engineers understand, analyze and practice threats and attacks in an Active Directory environment. The course is based on our extensive research in breaking Windows and AD environments. The training is completely beginner-friendly and is delivered as an instructor-led course.
There is a large knowledge gap that security professionals and administrators often struggle to fill when it comes to AD security. We often find misconfigured environments because of this skill gap and a lack of understanding of the seriousness of attacks. Over the years, we have delivered numerous real-world trainings on AD security to internal engineering teams.
The Active Directory Pentesting and Security training simulates real-world attack and defense scenarios: we start with a non-admin user account in the domain and work our way up to enterprise admin. The focus is on exploiting various overlooked domain features, not just software vulnerabilities.
We cover topics like AD enumeration, tools to use, domain privilege escalation, domain persistence, Kerberos-based attacks (Golden Ticket, Silver Ticket and more), ACL issues, SQL Server trusts, and bypasses of defenses.










Module 1: Active Directory Pentesting and Security Overview
  • Active Directory Implementation Overview
  • Kerberos and NTLM authentication procedure
  • Domain ACL and Sensitive groups overview
  • Understanding Domain Trusts and boundaries
  • Designing an Active Directory Lab for Pentesting


Module 2: MITRE Framework and C2 Server Setup
  • MITRE ATT&CK Framework for Pentesters
  • Understanding C&C for Active Directory pentesting
  • Comparison matrix of C2 servers
  • Setting up Cobalt Strike, Empire and Mythic C2
  • Designing C2 profiles for avoiding detections
Module 3: Initial Access Attacks and Windows API 101 for Pentesters
  • Enumerating the organization for initial access overview
  • Common public-facing services insecurities
  • OSINT Primer for AD pentesting
  • Windows API Overview
  • Understanding Windows architecture
  • Process, threads, DLLs, Virtual memory
  • Creating malicious process with Windows API
  • Common obfuscation to bypass AV
  • Offensive VBA for pentesters
  • Developing malicious Documents for initial access
  • Stomping the malicious Documents
Module 4: Windows Privilege Escalation
  • Automated enumeration of vulnerabilities
  • Windows privilege escalation attacks
      • Services exploitation
      • Credential theft
      • Bypassing LSASS protections
      • UAC bypassing
      • Token impersonation
Module 5: PowerShell & In-Memory Execution for Pentesters
  • Understanding basics of PowerShell cmdlets
  • File transfer with PowerShell
  • Understanding WMI and PowerShell remoting
  • PowerShell Reverse shell and payloads
  • Payload execution on the fly, without writing to disk
  • Fileless attacks process and lifecycle
  • Reflective DLL loader with PowerShell
  • Obfuscation with PowerShell
  • Disabling defences and adding exclusions with PowerShell
  • Enabling RDP and Disable Restricted Admin mode
  • Understanding the AMSI service
  • Bypassing AMSI protections
  • Understanding in-memory execution
  • Executing executable assemblies in memory



Module 6: Quick-Win Attacks in Active Directory
  • Password Spraying attacks
  • Pass the hash attacks
  • RDP access with Pass the hash
  • Accessing LAPS 
  • Misconfigured SYSVOL policies
  • Brute forcing hashes 
Module 7: Domain Enumeration Primer
  • Domain users enumeration
  • Domain computer enumeration
  • Domain groups enumerations
  • GPO and OU enumerations
  • Domain ACL enumerations
  • Automating Domain enumeration with BloodHound
Module 8: Application Whitelisting and Attacking AppLocker Policies
  • Understanding application whitelisting
  • Bypassing the PowerShell execution restrictions
  • Restricting executions with AppLocker policies
  • Default policies and custom policies
  • Bypassing the AppLocker policies with common whitelisted locations
  • Bypassing CLM with living-off-the-land techniques
Module 9: Attacking Kerberos and ACL Attacks
  • Understanding delegations
  • Attacking unconstrained delegation
  • Attacking constrained delegation
  • Attacking Service Principal Names
  • Attacking service accounts
  • Targeted Kerberoasting attacks
  • Kerberos double-hop issues
  • Distributed COM (DCOM) issues
  • Pass the ticket and overpass the hash attacks
  • Attacking via sensitive groups to become domain administrator
  • Exploiting ACLs in AD
Module 10: Domain Persistence Attacks and Remediations
  • Understanding domain persistence
  • DCSync attack
  • DSRM and DCShadow attacks
  • ADCS attacks
  • Silver ticket attack
  • Golden ticket attack
  • Zerologon attack
  • Defending primer for system administrator and security engineers
  • The Principle of (Endpoint) Least Privilege implementation
  • Just Enough Administration
  • Principle of documenting and monitoring the data
Who should attend this training?

This training is a core foundation training. Anyone who has basic pentesting knowledge can join this training.

Why should I take this training?

Organizations want to protect their internal infrastructure from intruders, but there is a massive skill gap in core on-prem environment deployment. To fill this gap, we have designed this training for administrators and pentesters. For pentesters, it's a golden opportunity to upgrade existing knowledge. This course builds the mindset needed to think about how APTs target organisations.

Prerequisite of the training?

The person should be familiar with basic IT operations.

What is the total duration of the training?

Active Directory Pentesting and Security is an instructor-led online training.

The total duration of the training is 25 hours.


Our clients


A milestone in cyber security training and assessment. The trainer is extremely knowledgeable, especially Naresh. You can say that he is an encyclopaedia of cyber security and has excellent customer service from Kirti and Richa. Prompt reply from them in management or other queries. Thank you for sharing such precious and valuable knowledge with us. Grateful and thankful.
Anuvind Twari

Security engineer

This is the best place of learning for those seeking TRUE learning in cyber security... there are many, many institutes, but the amount of practical knowledge matters that one can have here... and also very friendly and professional faculty.

Amit goel

