Today& #39;s infosec topic is Active Directory. Big topic.. I know.
Please reply with your favorite AD tools for testing and hardening.
I will start:
AD Explorer is pretty awesome:
https://www.blackhillsinfosec.com/domain-goodness-learned-love-ad-explorer/
https://www.blackhillsinfosec.com/domain-go... href="https://twtext.com//hashtag/SecTopic_ActiveDirectory"> #SecTopic_ActiveDirectory
Please reply with your favorite AD tools for testing and hardening.
I will start:
AD Explorer is pretty awesome:
https://www.blackhillsinfosec.com/domain-goodness-learned-love-ad-explorer/
https://www.blackhillsinfosec.com/domain-go... href="https://twtext.com//hashtag/SecTopic_ActiveDirectory"> #SecTopic_ActiveDirectory
Please disable LLMNR... Now. https://www.blackhillsinfosec.com/how-to-disable-llmnr-why-you-want-to/">https://www.blackhillsinfosec.com/how-to-di...
PingCastle for AD Hardening https://www.pingcastle.com/ ">https://www.pingcastle.com/">...
Implementing Sysmon and AppLocker via AD https://www.blackhillsinfosec.com/webcast-implementing-sysmon-and-applocker/">https://www.blackhillsinfosec.com/webcast-i...
Reading Bloodhound output, but for BlueTeamers: https://github.com/DefensiveOrigins/PlumHound">https://github.com/Defensive...
Oh!! And bloodhound: https://github.com/BloodHoundAD/BloodHound/wiki">https://github.com/BloodHoun...
Please create honey accounts in Active Directory. https://www.blackhillsinfosec.com/webcast-getting-started-in-cyber-deception/">https://www.blackhillsinfosec.com/webcast-g...
Your turn. Please share.
Thanks!
Thanks!