Today& #39;s infosec topic is Active Directory. Big topic.. I know.
Please reply with your favorite AD tools for testing and hardening.
I will start:
AD Explorer is pretty awesome:
https://www.blackhillsinfosec.com/domain-goodness-learned-love-ad-explorer/
https://www.blackhillsinfosec.com/domain-go... href="http://www.twtext.com.cdn.cloudflare.net//hashtag/SecTopic_ActiveDirectory"> #SecTopic_ActiveDirectory
                            
                                
                                
                                
                            
                            
                        
                        
                        
                        
                                                
                    
                    
                                    
                    Please reply with your favorite AD tools for testing and hardening.
I will start:
AD Explorer is pretty awesome:
https://www.blackhillsinfosec.com/domain-goodness-learned-love-ad-explorer/
https://www.blackhillsinfosec.com/domain-go... href="http://www.twtext.com.cdn.cloudflare.net//hashtag/SecTopic_ActiveDirectory"> #SecTopic_ActiveDirectory
                        
                        
                        Please disable LLMNR... Now. https://www.blackhillsinfosec.com/how-to-disable-llmnr-why-you-want-to/">https://www.blackhillsinfosec.com/how-to-di...
                        
                                                
                            
                                
                                
                                
                            
                            
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        PingCastle for AD Hardening https://www.pingcastle.com/ ">https://www.pingcastle.com/">...
                        
                                                
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        Implementing Sysmon and AppLocker via AD https://www.blackhillsinfosec.com/webcast-implementing-sysmon-and-applocker/">https://www.blackhillsinfosec.com/webcast-i...
                        
                                                
                            
                                
                                
                                
                            
                            
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        Reading Bloodhound output, but for BlueTeamers: https://github.com/DefensiveOrigins/PlumHound">https://github.com/Defensive...
                        
                                                
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        Oh!! And bloodhound: https://github.com/BloodHoundAD/BloodHound/wiki">https://github.com/BloodHoun...
                        
                                                
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        Please create honey accounts in Active Directory. https://www.blackhillsinfosec.com/webcast-getting-started-in-cyber-deception/">https://www.blackhillsinfosec.com/webcast-g...
                        
                                                
                            
                                
                                
                                
                            
                            
                        
                        
                        
                        
                                                
                    
                    
                                    
                    
                        
                        
                        Your turn. Please share.
Thanks!
                    
                
                Thanks!
 
                         Read on Twitter
Read on Twitter 
                                     
                                    