search
LinkedInGithub
githubEdit

hardening

hashtag
Document and audit

  • Naming conventions of OUs, computers, users, groups.

  • DNS, network, and DHCP config

  • GPOs

  • A list of enterprises hosts

  • Any trust relationship

  • Users who have elevated permissions.

hashtag
AD hardening categories

  • People

  • Processes

  • Technology

hashtag
Additional AD hardening techniques

Creating an AD snapshot with AD explorer

  • Use valid domain credentials to login

PingCastle

It is a powerful to evaluates the security posture of an AD environment and provides several different maps and graphs. PingCastle can be a great resource to help you gather one in a nice user-readable map of the domain and it also provides a detailed report of the target domain's security level using a methodology based on a risk assessment framework.

Group3rarrow-up-right

  • This tool can find vulnerabilities in Active Directory associated Group Policy. Group3r must run from domain-joined host with a domain user.

ADReconarrow-up-right.ps1

It is useful to gather large amount of data from AD at once

Previoushardening-active-drectroyNextips-and-ids-evasion

Last updated