From 2e4bc32022d0b3a3f7601892aa80111072b2099b Mon Sep 17 00:00:00 2001 From: Rahmat Nurfauzi Date: Tue, 9 Jun 2020 14:20:21 +0700 Subject: [PATCH] Added more resources --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index c50e7ca..7bb62c3 100644 --- a/README.md +++ b/README.md @@ -288,6 +288,7 @@ Advanced Threat Protection and Advanced Threat Analytics](https://www.blackhat.c ### Others * [Compromising Plain Text Passwords In Active Directory](https://blog.stealthbits.com/compromising-plain-text-passwords-in-active-directory) +* [Kerberos Tickets on Linux Red Teams](https://www.fireeye.com/blog/threat-research/2020/04/kerberos-tickets-on-linux-red-teams.html) ------ ## Persistence @@ -367,6 +368,7 @@ Advanced Threat Protection and Advanced Threat Analytics](https://www.blackhat.c * [BloodhoundAD-Queries](https://github.com/Scoubi/BloodhoundAD-Queries) * [Kerberos Attacks Cheat Sheet](https://gist.github.com/TarlogicSecurity/2f221924fef8c14a1d8e29f3cb5c5c4a) * [Bloodhound Cypher Cheatsheet](https://hausec.com/2019/09/09/bloodhound-cypher-cheatsheet/) +* [Kerberos cheatsheet](https://gist.github.com/knethteo/2fc8af6ea28199fd63a529a73a4176c7) ## Other Resources * [Tactics, Techniques and Procedures for Attacking Active Directory BlackHat Asia 2019](https://docs.google.com/presentation/d/1j2nW05H-iRz7-FVTRh-LBXQm6M6YIBQNWa4V7tp99YQ/) @@ -504,6 +506,7 @@ Advanced Threat Protection and Advanced Threat Analytics](https://www.blackhat.c |Password Spraying|4625: An account failed to log on
4771: Kerberos pre-authentication failed
4648: A logon was attempted using explicit credentials| ### Resources +* [ACTIVE DIRECTORY SECURITY ASSESSMENT CHECKLIST](https://www.cert.ssi.gouv.fr/uploads/guide-ad.html) * [ASD Strategies to Mitigate Cyber Security Incidents](https://acsc.gov.au/publications/Mitigation_Strategies_2017.pdf) * [Reducing the Active Directory Attack Surface](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/reducing-the-active-directory-attack-surface) * [Changes to Ticket-Granting Ticket (TGT) Delegation Across Trusts in Windows Server (AskPFEPlat edition)](https://techcommunity.microsoft.com/t5/Premier-Field-Engineering/Changes-to-Ticket-Granting-Ticket-TGT-Delegation-Across-Trusts/ba-p/440283) @@ -561,6 +564,7 @@ Advanced Threat Protection and Advanced Threat Analytics](https://www.blackhat.c * [Blue Team Tips](https://www.sneakymonkey.net/2018/06/25/blue-team-tips/) * [Active Directory Domain Security Technical Implementation Guide (STIG)](https://www.stigviewer.com/stig/active_directory_domain/) * [Active Directory Security Testing Guide - v2.0](https://www.slideshare.net/HuyKha2/adstg-v20-guidance) +* [Best practices for securing Active Directory Federation Services](https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/best-practices-securing-ad-fs) ## License [![CC0](http://mirrors.creativecommons.org/presskit/buttons/88x31/svg/cc-zero.svg)](http://creativecommons.org/publicdomain/zero/1.0)