Post Compromise Attacks

Pass the Hash / Password

Pass the Hash

We can dump hashes with secretsdump.py and crack with Hashcat.

Token Impersonation

Kerberoasting

GPP / cPasswords Attacks (Group Policy Preferences)

LogoPentesting in the Real World: Group Policy Pwnage | Rapid7 BlogRapid7

Mimikatz

LogoGitHub - gentilkiwi/mimikatz: A little tool to play with Windows securityGitHub

Golden Ticket Attack

LogoMicrosoft Active Directory Golden Ticket Attacks Explained | QOMPLXRisk Management for Cyber Security, Insurance, & Finance | QOMPLX

PreviousPost Compromise EnumerationNextPivoting

Last updated

Was this helpful?