Browsed by
Tag: Service Principal Names

ProTip: LDAP Reconnaissance

ProTip: LDAP Reconnaissance

The start of Active Directory attacks, like LDAP Reconnaissance, involves finding vulnerabilities on a network and grabbing “intel” about sensitive accounts like Domain, Enterprise, and Schema Admins. After an attacker initially compromises a system on a network, they will pretty much have no privileges in the domain. This leaves an attacker hungry for more, and with the way Active Directory is designed, they can query objects inside a directory pretty easily. LDAP queries are key in an attacker gaining this…

Read More Read More

Start a Free StealthAUDIT® Trial!

No risk. No obligation.