Strik1r reviewing AD lab
Before it begins
I bought Pentester Academy Attacking and Defending Active Directory Lab, but I did not start immediately with the lab. I got the videos and the slides and I was learning from them before the lab actually started. I wanted to maximize the time I can use the lab. I created notes for myself with every tip/trick/commands and everything. I did half of the videos before I actually started the lab.
The training material
The videos and slides were done by Nikhil Mittal. He did a really great job with the material. It is easy to see at the first 10 minutes that he really knows what he is talking about. There are a lot of “trainer” out there who don’t really understand how things work. Their explanation is more like “hey run this command in metaspolit and woow”. Nikhil knows what he is doing and he can explain really well. I really liked that the whole tutorial is not tool focused. Plus you are encouraged to use your own way, methods/tools to get where you want to be. There were things that I only understood at the second watch. There where informations we got but used it later in a special attacks. I really liked that there is a section for defence. You should watch that too. That section has a few tips / tricks to attack. Without that the exam will be harder a little bit.
What was good
-
14 hours of course material
-
Nice explanations
-
Really up to date
What I would like to see
-
More explanation on how lsass works
-
More explanation on how Mimikatz actually does what is does.
The lab
So I started, enumerating all the way. Doing the objectives. It was kinda fast. I cleared all the objectives in one weekend. To be honest, I already watched the videos by then, created my notes and I had more than 8 hours a day doing the labs. I cleared the objectives two more times in the month. I created little objectives for myself to have more fun. Tried all I can think of. Remember, there is life after the main objectives.
What was good
-
Big lab
-
Fully updated machines
What I would like to see
-
More privilege escalation opportunities would be nice
-
One more forest, so I could try: dollar -> euro -> ?yen?ye
-
Login page with fake DB on the web server.
-
Some things from the defense section turned on in some of the machines. Maybe in Red team lab this is already a thing.
The Exam
So here we are, exam day. I got my VPN access to the exam. Instantly started enumerating. Noted down everything. And after that… Nope not going to spoil it. A few things to remember. They don’t want to mess with you. No magic needed. You can do the exam lab using only the information you got from the materials. When you get stuck, you should check something you don’t really think that is too useful. After all, it was nice and tricky. Really useful. And after all, when you are stuck, remember to Try Smarter.
Who is it for?
The big question is, should you buy this? Will it be useful for you?
Yes if
-
You want to learn about AD Attack and defense
-
You want explanation not just a lab to play with
-
You want to be a Red Teamer
Not if
-
You are just getting started with “Hacking”.
-
You just want a lab to play with. Then you would be better with:
-
Pentester Academy Red team lab
-
Hack the box Rastalab
-
…
-