Windows Pentest Tutorial (Active Directory Game Over!)

9 ヵ月 2 ビュー
カテゴリー:
解説:
Get your 10% discount here: https://www.offsec.com/review/david-pwk-2023/

Disclaimer: I was NOT paid for this interview. I wanted to make this video because it affects many of you watching and is a major topic on the OSCP exam. However, OffSec did give me access to Learn One for one year so I could see the course content. This has helped me prepare for the interview. Hopefully I'll be able to make more content covering what is in the PEN 200 course in future :)

// Documentation //
Changes: https://www.offsec.com/offsec/pen-200-2023/
Course: https://www.offsec.com/courses/pen-200/

// Offsec //
Twitter: https://twitter.com/offsectraining
Website: https://www.offsec.com/
LinkedIn: https://www.linkedin.com/company/offsec-training/

// Remi's SOCIAL //
LinkedIn: https://no.linkedin.com/in/remi-solberg-8991b910a

// David's SOCIAL //
Discord: https://discord.gg/davidbombal
Twitter: https://www.twitter.com/davidbombal
Instagram: https://www.instagram.com/davidbombal
LinkedIn: https://www.linkedin.com/in/davidbombal
Facebook: https://www.facebook.com/davidbombal.co
TikTok: http://tiktok.com/ @davidbombal

// MENU //
00:00 - Coming up
01:31 - Disclaimer
01:57 - Remi Solberg introduction & background
03:37 - Jump to a timestamp (check in description below)
03:57 - Simulated full-scale penetration test demo // Hacking Windows
05:12 - OffSec Learn One discount!
06:22 - Penetration test demo
09:38 - Documentation & enumeration // Prepping for penetration test
23:25 - Penetration test demo // Accessing users
30:10 - Privilege escalation
37:44 - Using ICACLS (Integrity Access Control Access List)
43:59 - Privilege escalation (continued)
52:14 - Getting around obstacles // Social engineering
53:23 - Privilege escalation (continued)
57:19 - Stealing credentials
59:11 - Using Mimikatz tool // Kerberos and NTLM Authentication (theory)
01:07:33 - Mimikatz tool demo
01:06:05 - Penetration test demo (continued) // Exposing passwords & credentials
01:23:25 - What a malicious hacker would do
01:25:55 - The "Golden Ticket" // How to forge a ticket
01:45:07 - Demo summary & tips
01:48:05 - Conclusion


// MY STUFF // https://www.amazon.com/shop/davidbombal

// SPONSORS //
Interested in sponsoring my videos? Reach out to my team here: [email protected]

oscp
pen-200
offsec
offensive sercurity
pentest
pentester
hack
hacker
hacking
ethical hacking
ethical hacker course
ethical hacker

Please note that links listed may be affiliate links and provide me with a small percentage/kickback should you use them to purchase any of the items listed or recommended. Thank you for supporting me and this channel!

Disclaimer: This video is for educational purposes only.

#hacker #pentester #oscp