From 651844f66edba33e7646be3498a00de447093e99 Mon Sep 17 00:00:00 2001 From: Rahmat Nurfauzi Date: Fri, 9 Aug 2019 18:06:14 +0700 Subject: [PATCH] Update README.md --- README.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ecde590..86e1f2f 100644 --- a/README.md +++ b/README.md @@ -58,6 +58,7 @@ This document was designed to be a useful, informational asset for those looking * [Blue Cloud of Death: Red Teaming Azure](https://speakerdeck.com/tweekfawkes/blue-cloud-of-death-red-teaming-azure-1) * [Azure AD Connect for Red Teamers](https://blog.xpnsec.com/azuread-connect-for-redteam/) * [Red Teaming Microsoft: Part 1 – Active Directory Leaks via Azure](https://www.blackhillsinfosec.com/red-teaming-microsoft-part-1-active-directory-leaks-via-azure/) +* [Attacking & Defending the Microsoft Cloud](https://adsecurity.org/wp-content/uploads/2019/08/2019-BlackHat-US-Metcalf-Morowczynski-AttackingAndDefendingTheMicrosoftCloud.pdf) ### Active Directory Federation Services * [118 Attacking ADFS Endpoints with PowerShell Karl Fosaaen](https://www.youtube.com/watch?v=oTyLdAUjw30) @@ -79,14 +80,18 @@ This document was designed to be a useful, informational asset for those looking * [Abusing DNSAdmins privilege for escalation in Active Directory](http://www.labofapenetrationtester.com/2017/05/abusing-dnsadmins-privilege-for-escalation-in-active-directory.html) * [From DNSAdmins to Domain Admin, When DNSAdmins is More than Just DNS Administration](https://adsecurity.org/?p=4064) -### Unconstrained Delegation +### Kerberos Delegation +* [Constructing Kerberos Attacks with Delegation Primitives](https://shenaniganslabs.io/media/Constructing%20Kerberos%20Attacks%20with%20Delegation%20Primitives.pdf) + +#### Unconstrained Delegation +* [Active Directory Security Risk #101: Kerberos Unconstrained Delegation (or How Compromise of a Single Server Can Compromise the Domain)](https://adsecurity.org/?p=1667) * [Domain Controller Print Server + Unconstrained Kerberos Delegation = Pwned Active Directory Forest](https://adsecurity.org/?p=4056) * [Active Directory Security Risk #101: Kerberos Unconstrained Delegation (or How Compromise of a Single Server Can Compromise the Domain)](https://adsecurity.org/?p=1667) * [Unconstrained Delegation Permissions](https://blog.stealthbits.com/unconstrained-delegation-permissions/) * [Trust? Years to earn, seconds to break](https://labs.mwrinfosecurity.com/blog/trust-years-to-earn-seconds-to-break/) * [Hunting in Active Directory: Unconstrained Delegation & Forests Trusts](https://posts.specterops.io/hunting-in-active-directory-unconstrained-delegation-forests-trusts-71f2b33688e1) -### Constrained Delegation +#### Constrained Delegation * [Another Word on Delegation](https://www.harmj0y.net/blog/redteaming/another-word-on-delegation/) * [From Kekeo to Rubeus](https://www.harmj0y.net/blog/redteaming/from-kekeo-to-rubeus/) * [S4U2Pwnage](http://www.harmj0y.net/blog/activedirectory/s4u2pwnage/) @@ -346,6 +351,7 @@ Advanced Threat Protection and Advanced Threat Analytics](https://www.blackhat.c * [Bloodhound walkthrough. A Tool for Many Tradecrafts](https://www.pentestpartners.com/security-blog/bloodhound-walkthrough-a-tool-for-many-tradecrafts/) * [Attack Methods for Gaining Domain Admin Rights in Active Directory](https://adsecurity.org/?p=2362) * [PowerShell Is Dead Epic Learnings](https://www.slideshare.net/nettitude_labs/powershellisdeadepiclearningslondon) +* [Finding Our Path: How We’re Trying to Improve Active Directory Security](https://docs.google.com/presentation/d/1lQHTqXZIDxwaIUnXdO-EdvGp79RzH1rbM4zE45Kki2I/edit#slide=id.g35f391192_00) ------ ## Defense & Detection