Today's infosec topic is Active Directory. Big topic.. I know.

Please reply with your favorite AD tools for testing and hardening.

I will start:

AD Explorer is pretty awesome:

https://www.blackhillsinfosec.com/domain-goodness-learned-love-ad-explorer/

#SecTopic_ActiveDirectory
Domain Goodness - How I Learned to LOVE AD Explorer - Black Hills Information Security

Sally Vandeven // OR How to Pentest with AD Explorer! Mark Russinovich’s Sysinternals tools (Microsoft) are nothing new. They have been a favorite among system administrators for many, many years....

https://www.blackhillsinfosec.com/domain-goodness-learned-love-ad-explorer/
Please disable LLMNR... Now. https://www.blackhillsinfosec.com/how-to-disable-llmnr-why-you-want-to/
How to Disable LLMNR & Why You Want To - Black Hills Information Security

Kent R. Ickler // Link-Local Multicast Name Resolution (LLMNR) This one is a biggie, and you’ve probably heard Jordan, John, me, and all the others say it many many times. LLMNR was (is) a protocol...

https://www.blackhillsinfosec.com/how-to-disable-llmnr-why-you-want-to/
PingCastle for AD Hardening https://www.pingcastle.com/ 
Home - PingCastle

Because the Active Directory security lies in the process and not in expensive tools, our solution is simple: download PingCastle and apply its methodology.

https://www.pingcastle.com/
Implementing Sysmon and AppLocker via AD https://www.blackhillsinfosec.com/webcast-implementing-sysmon-and-applocker/
Webcast: Implementing Sysmon and Applocker - Black Hills Information Security

Click on the timecodes to jump to that part of the video (on YouTube) Download slides: https://www.activecountermeasures.com/presentations 5:03 Introduction, problem statement, and executive problem...

https://www.blackhillsinfosec.com/webcast-implementing-sysmon-and-applocker/
Reading Bloodhound output, but for BlueTeamers: https://github.com/DefensiveOrigins/PlumHound
DefensiveOrigins/PlumHound

Bloodhound for Blue and Purple Teams. Contribute to DefensiveOrigins/PlumHound development by creating an account on GitHub.

https://github.com/DefensiveOrigins/PlumHound
Oh!! And bloodhound: https://github.com/BloodHoundAD/BloodHound/wiki
BloodHoundAD/BloodHound

Six Degrees of Domain Admin. Contribute to BloodHoundAD/BloodHound development by creating an account on GitHub.

https://github.com/BloodHoundAD/BloodHound/wiki
Please create honey accounts in Active Directory. https://www.blackhillsinfosec.com/webcast-getting-started-in-cyber-deception/
Webcast: Getting Started in Cyber Deception - Black Hills Information Security

Ever wanted to get started in cyber deception? Ever wanted to do it for free? In this BHIS webcast, we will cover some basic, legal, and easy tools/techniques to get you started in working with low...

https://www.blackhillsinfosec.com/webcast-getting-started-in-cyber-deception/
Your turn. Please share.

Thanks!
You can follow @strandjs.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
There are a lot of misconceptions about the Turkish diaspora in Germany. Since i just finished writing an essay about this topic I thought it's time to give other people
Read more
Las mejores calculadoras online en 2020A thread http://totumat.com/2020/11/26/las-mejores-calculadoras-online-en-2020/ Cuando se estudian asignaturas que requieren de cálculos complicados, nada mejor que contar con una buena calculadora.
Read more
Mitigating #ClimateChange is as much about taking up new techs as about leaving others behindMost studies focus on #coal's global downfall but another #energy tech decline is loomingRead my new
Read more