Explore the powerful capabilities of CrackMapExec for Active Directory penetration testing in this comprehensive conference talk from Derbycon 2016. Dive into the tool's libraries, witness live demonstrations, and learn advanced techniques for password spraying, spidering, and authentication. Discover how to perform admin actions, leverage payload modules, and execute Mimikatz. Gain insights into local and remote execution, database credential handling, and the use of various modules. Master the art of creating shells, implementing reverse HTTP handlers, and invoking shell modules. Enhance your cybersecurity skills with this in-depth exploration of CrackMapExec's features for owning Active Directory environments.
Overview
Syllabus
Intro
The Libraries
Live Demo
Invoke the Program
Password Spring
Spidering
Authentication
Admin Acts
Payload Modules
Mimicat execution
Authentication locally
Execution locally
Execution on VMs
Database
Credentials
Modules
Shells
Reverse HTTP Handler
Invoke Shell
Module Training