Are small Active Directory misconfigurations putting you at risk?
đź”— Register for FREE Infosec Webcasts, Anti-casts & Summits –Â
https://poweredbybhis.com
🛝 Webcast Slides
https://www.blackhillsinfosec.com/wp-content/uploads/2026/01/SLIDES_Active-Directory-Attack-Path-in-Action.pdf
Antisyphon Training events featuring Alyssa & Kaitlyn
https://www.antisyphontraining.com/search/Alyssa%20Kaitlyn
Chapters
- (00:00) - Intro - Active Directory Attack Path in Action
- (02:06) - Alyssa and Kaitlyn Fun Facts
- (02:43) - Webcast Overview
- (03:34) - Web Services
- (06:20) - Jenkins Env Hunter - Tool by Kent Ickler!
- (07:53) - Test Credentials
- (08:57) - Username Enumeration
- (12:12) - Domain Enumeration
- (14:11) - NetExec
- (15:12) - BloodHound.py
- (16:29) - SharpHound
- (17:28) - ADExplorer
- (19:30) - Convert Snapshot
- (20:07) - BOFHound
- (22:46) - Identify Attack Path
- (23:55) - Abusing RBCD for Local Priviledge Escalation
- (26:43) - Machine Account Quota
- (27:40) - Resource-Based Constrained Delegation Expolitation Flow
- (30:36) - Create Computer Object
- (31:58) - Set Delegation
- (33:22) - Delegation Attribute
- (33:53) - Select a Target Account
- (34:34) - Avoid Protected Users
- (35:24) - Get Privileged TGS
- (37:07) - Delegation Failure Example
- (37:39) - Escalation Success
- (39:18) - Dump local Secrets
- (40:53) - Domain Admin Compromised
- (41:39) - Attack Path Summary
- (44:24) - Defensive Considerations
- (45:42) - Related Antisyphon Courses
- (46:08) - More Resources
- (47:27) - Q&A Start
- (50:03) - Alternative Path for Attackers
- (51:30) - Whats the Assumed Compromize Course like?
- (56:27) - Are Extended Test Timelines an advantage?
- (57:51) - BHIS "Side Quest" capabilities
- (58:55) - BHIS CPT On-Boarding Process
- (01:02:29) - Getting the Ball Rolling on Test Assessments
- (01:04:22) - The Price of Continous Pen Testing
- (01:05:30) - Favorite Things About Customer CPTs
Join Kaitlyn Wimberley and Alyssa Snow (Black Hills Infosec – Continuous Penetration Testers) for a free one-hour webcast where they’ll walk through an example Active Directory attack path, from un-credentialed network access to Domain Administrator.
You’ll learn how attackers can escalate from un-credentialed access to Domain Admin, identify common misconfigurations, and understand how small weaknesses can combine to compromise your network.
Chat with your fellow attendees in the Black Hills Infosec Discord server:
https://discord.gg/BHIS
in the #đź”´live-chat channel.
Brought to you by:
Black Hills Information SecurityÂ
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest
https://wildwesthackinfest.com
