How To Pass OSCP Series: Active Directory Security Step-by-Step Guide Part One Paperback – January 1, 2022

OverviewThis book is the third of a series of How To Pass OSCP books and focuses on techniques used in Windows Active Directory (AD) and Privilege Escalation.This book is a step-by-step guide that walks you through the whole process of how to identify active directory security issues and escalate privilege in the Windows environment using many common techniques. We start by gathering as much information about the target as possible either manually or using third-party tools, such as Responder, mitm6, PowerView, BloodHound, etc. Next, we search for misconfigurations in user rights, Kerberoasting, AS-REP Roasting, built-in vulnerabilities, generating Golden and Silver tickets, creating backdoor using DCShadow and DCSync, and many more.Who this book is for?If you are a cybersecurity professional who wants to be certified as an Offensive Security Certified Professional (OSCP), then this book is for you. It is also for those who want to learn about offensive security, Active Directory (AD) security and configuration, and penetration testing.Since everyone's background and experience are different, the author wrote this book in the way that you can pick any chapter that sounds interesting to you and flip to it, rather than starting at the very beginning. Table of ContentsIntroductionChapter 1: WPAD SpoofingChapter 2: Password SprayingChapter 3: PowerView EnumerationChapter 4: Misconfigured User Object ACLs/ACEsChapter 5: Misconfigured Group Object ACLs/ACEsChapter 6: BloodHoundChapter 7: DC SyncChapter 8: KerberoastingChapter 9: AS-REP RoastingChapter 10: Golden TicketChapter 11: Silver TicketChapter 12: Skeleton KeyChapter 13: DC ShadowChapter 14: ZeroLogonChapter 15: Group Policy Preferences (GPP)About the authorAlan Wang has over 20 years of experience in IT security and developing standardized methodologies for the enterprise to drive business enabling cybersecurity programs and promote industry standards and risk-based investments to maximize business opportunity and minimize risk. He created a Digital Risk platform that enables enterprises across industries to manage business and cyber risks based on a foundation of good governance as well as risk optimization. Throughout his career, he also conducts and directs information security risk assessment efforts as well as provides risk assessment expertise on complex systems, and helps organizations to adopt a focused and business-driven approach when managing and mitigating cyber risks and threats.For more information, please visit www.howtopassoscp.com. Read more