I just wanted to say hiiiii
Really happy I just finished HTB AD Exploitation module, and I wanna mark my achievement here
What about it?
You have 11 Windows machines you have to break. Because it is AD related, most of them are domain controllers. What I had to do was find the initial foothold (local account, service account or basic domain account) and then escalate to domain admin.
I learned a lot of things I did not about. AD is huge, and I’m pretty sure this is just just a piece of what AD and a corporate network actually means. Besides the machines and learning curve, taking notes was also a pain in the ass because there were a lot of attack vectors, techniques, tools I had to incorporate within my pentest procedure.
Because I did not rush things, this was work of months – my goal was not to hack a lot of machines in short time, but to learn new things and have more technical knowledge instead.
I recommend this track if you wanna learn ways to attack AD environments.