🖥Active Directory Lab: Enumeration and Exploitation 🔐

Robert Scocca
14 min readMay 28, 2021

Learn about Active Directory penetration testing enumeration and exploitation using tools like Impacket, Kerbrute, and CrackMapExec. This post focuses on initial external enumeration and exploitation; from the perspective of having access to the AD network but have no account credentials and little information about the internal network. You will learn:

  • Target enumeration with Nmap, CME, Nbtscan
  • Username enumeration with Nmap and Kerbrute
  • Exploit misconfigurations with Windapsearch and…