ADCS Certified Enterprise Security Professional
HomeAuthor
  • CESP Certification
  • 🔥RFS Methodology
    • Pwning
  • 1️⃣ Learn AD CS (Module 1)
    • Active Directory Certificate Services (AD CS)
    • 🟢AD CS Components
    • 🟢Certificate Formats
    • Certificate Attributes
    • Containers in AD
  • 2️⃣ AD CS Attacks (Module 2)
    • Attack
    • Prevention
    • Detection
  • 3️⃣ Basics of AD CS Attacks (Module 3)
    • Tools
    • AV Bypass
    • Payload Delivery
    • 🟢Bypass PowerShell Logging
    • WinRS
    • 🟢Certificate Management
    • 🟢Pass the Cert
    • 🟢UnPAC the Hash
    • 🟢S4U2Self Attack
  • 4️⃣ AD CS Patches (Module 4)
    • 🟢CBA patch
    • 🟢ADCS SID Extension Policy Module
  • 5️⃣ AD CS Enumeration (Module 5)
    • 🥰Methodology
    • Tools
    • 🟢CAs Info
    • Groups
    • Extract the Private Key
  • 6️⃣ AD CS Local Privilege Escalation (Module 6)
    • 🟢CertPotato
    • 🟢ESC1 – Understand the Arbitrary Subject Alternative Name Vulnerability
  • AD CS Domain Privilege Escalation
    • Page 3
  • AD CS Pivoting and Lateral Movement
    • Page 4
  • AD CS Theft and Collection
    • Page 5
  • AD CS Local and Domain Persistence
    • Page 6
  • Abusing Cross Forest and External Trusted CAs
    • Page 7
  • Abusing Azure CBA for Lateral Movement and Persistence on Cloud
    • Page 8
  • Evasion and Bypasses
    • Page 9
  • Group 1
    • Page 2
Powered by GitBook
On this page
  • Assumed Breach
  • 1 - Enumerate Local Machine (Student VM)

Was this helpful?

  1. RFS Methodology

Pwning

Dive deep into our comprehensive article about Assumed Breach, a vital approach in cybersecurity. Learn its significance, advantages, and implementation strategies for improved security.

PreviousCESP CertificationNextActive Directory Certificate Services (AD CS)

Last updated 9 months ago

Was this helpful?

Assumed Breach

After getting access into a machine we need to start understanding the system we are In!

1 - Enumerate Local Machine (Student VM)

Organize all the common tools you use bypass any PowerShell restrictions and start Enumerating.

Remember the Enumeration focus is data to help us attack AD CS.

Common Enumeration

  • Local Users

  • Domain Users

  • Domain Machines

  • Local VM Restrictions

  • Where is the DC?

  • Where is the CA?

Local Users

// Some code

Domain Users

// Some code

Domain Machines

// Some code

Local VM Restrictions

// Some code

Where is the DC?

// Some code

Where is the CA?

// Some code
🔥
Page cover image