SHARE
TWEET

Untitled

a guest Jul 21st, 2017 182 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. psloggedon.exe
  2. netview.exe
  3. pvefindaduser.exe
  4. netsess.exe
  5. nmap -sU -sS --script smb-enum-sessions.nse --script-args 'smbuser=test, smbpass=test' -p U:137, T:139
  6. Invoke-UserHunter / Invoke-StealthUserHunter
  7. Invoke-UserEventHunter
  8. PowerSploit
  9.  
  10. https://www.slideshare.net/harmj0y/i-hunt-sys-admins
  11. http://www.harmj0y.net/blog/penetesting/i-hunt-sysadmins/
  12.  
  13. samr
  14. https://gallery.technet.microsoft.com/SAMRi10-Hardening-Remote-48d94b5b
  15.  
  16. https://www.youtube.com/watch?v=CSdJ_-PhauI
  17.  
  18.  
  19. https://www.blackhat.com/docs/us-16/materials/us-16-Beery-The-Remote-Malicious-Butler-Did-It-wp.pdf
  20.  
  21.  
  22. https://digitalguardian.com/resources/data-security-knowledge-base/endpoint-detection-and-response-edr
  23. http://www.cybersecuritydocket.com/2015/10/16/edr-tool-review-carbon-black/
  24.  
  25.  
  26. https://www.tufin.com/
  27.  
  28.  
  29. https://github.com/PowerShellMafia/PowerSploit/tree/master/Recon
  30. https://pastebin.com/raw/0SNSvyjJ
  31. https://www.pwc.co.uk/cyber-security/pdf/cloud-hopper-annex-b-final.pdf
  32. https://docs.microsoft.com/ru-ru/enterprise-mobility-security/solutions/ata-attack-simulation-playbook
  33. https://blog.netspi.com/5-ways-to-find-systems-running-domain-admin-processes/
  34. https://github.com/BloodHoundAD/BloodHound/wiki/Data-Collection-Intro
  35. https://wald0.com/?p=112
  36. https://blog.stealthbits.com/local-admin-mapping-bloodhound
  37. https://blog.stealthbits.com/attacks-that-exploit-active-directory-permissions-and-how-to-protect-against-them/
  38. https://blog.stealthbits.com/exploiting-weak-active-directory-permissions-with-powersploit/
  39. https://blog.stealthbits.com/attacking-active-directory-permissions-with-bloodhound/
  40. https://adsecurity.org/?p=3658
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top