Internal attack vectors covered include:

  • Domain Credential Guessing and Cracking
  • Broadcast Name Resolution Poisoning
  • Local Administrator Attacks using Local Accounts
  • Local Administrator Attacks using Domain Accounts
  • Stealing Credentials from Memory (Mimikatz)
  • Privilege Escalation by Cracking SPN Kerberos Tickets (Kerberoasting)
  • Automated Collection of Internal Data and Account Information
  • Execution via Trusted Code (Signed Binaries or Scripts)
  • Access Token Manipulation
  • Exploitation of Remote Software

Download the PDF