Overview

This book is the third of a series of How To Pass OSCP books and focuses on techniques used in Windows Active Directory (AD) and Privilege Escalation.

This book is a step-by-step guide that walks you through the whole process of how to identify active directory security issues and escalate privilege in the Windows environment using many common techniques. We start by gathering as much information about the target as possible either manually or using third-party tools, such as Responder, mitm6, PowerView, BloodHound, etc. Next, we search for misconfigurations in user rights, Kerberoasting, AS-REP Roasting, built-in vulnerabilities, generating Golden and Silver tickets, creating backdoor using DCShadow and DCSync, and many more.

Who this book is for?

If you are a cybersecurity professional who wants to be certified as an Offensive Security Certified Professional (OSCP), then this book is for you. It is also for those who want to learn about offensive security, Active Directory (AD) security and configuration, and penetration testing.

Since everyone's background and experience are different, the author wrote this book in the way that you can pick any chapter that sounds interesting to you and flip to it, rather than starting at the very beginning.

Table of Contents

• Introduction
• Chapter 1: WPAD Spoofing
• Chapter 2: Password Spraying
• Chapter 3: PowerView Enumeration
• Chapter 4: Misconfigured User Object ACLs/ACEs
• Chapter 5: Misconfigured Group Object ACLs/ACEs
• Chapter 6: BloodHound
• Chapter 7: DC Sync
• Chapter 8: Kerberoasting
• Chapter 9: AS-REP Roasting
• Chapter 10: Golden Ticket
• Chapter 11: Silver Ticket
• Chapter 12: Skeleton Key
• Chapter 13: DC Shadow
• Chapter 14: ZeroLogon
• Chapter 15: Group Policy Preferences (GPP)

About the author

Alan Wang has over 20 years of experience in IT security and developing standardized methodologies for the enterprise to drive business enabling cybersecurity programs and promote industry standards and risk-based investments to maximize business opportunity and minimize risk. He created a Digital Risk platform that enables enterprises across industries to manage business and cyber risks based on a foundation of good governance as well as risk optimization. Throughout his career, he also conducts and directs information security risk assessment efforts as well as provides risk assessment expertise on complex systems, and helps organizations to adopt a focused and business-driven approach when managing and mitigating cyber risks and threats.

For more information, please visit www.howtopassoscp.com.