Active Directory Attacks

This skill should be used when the user asks to "attack Active Directory", "exploit AD", "Kerberoasting", "DCSync", "pass-the-hash", "BloodHound enumeration", "Golden Ticket", "Silver Ticket", "AS-REP roasting", "NTLM relay", or needs guidance on Windows domain penetration testing.

Invalid

This skill can't be scored yet

Validation errors are blocking scoring. Review and fix them to unlock Quality, Impact and Security scores. See what needs fixing →

Active Directory Attacks

Purpose

Provide comprehensive techniques for attacking Microsoft Active Directory environments. Covers reconnaissance, credential harvesting, Kerberos attacks, lateral movement, privilege escalation, and domain dominance for red team operations and penetration testing.

Inputs/Prerequisites

Kali Linux or Windows attack platform
Domain user credentials (for most attacks)
Network access to Domain Controller
Tools: Impacket, Mimikatz, BloodHound, Rubeus, CrackMapExec

Outputs/Deliverables

Domain enumeration data
Extracted credentials and hashes
Kerberos tickets for impersonation
Domain Administrator access
Persistent access mechanisms

Essential Tools

Tool	Purpose
BloodHound	AD attack path visualization
Impacket	Python AD attack tools
Mimikatz	Credential extraction
Rubeus	Kerberos attacks
CrackMapExec	Network exploitation
PowerView	AD enumeration
Responder	LLMNR/NBT-NS poisoning

Core Workflow

5. Kerberoasting

6. AS-REP Roasting

7. DCSync Attack

8. Pass-the-Ticket (Golden Ticket)

9. Silver Ticket

10. Pass-the-Hash

11. OverPass-the-Hash

12. Responder + ntlmrelayx

13. SMB Signing Check

Repository: Dokhacgiakhoa/antigravity-ide
Commit: 3395991

Last updated: 25 days ago
Created: 25 days ago

Is this your skill?

If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.