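6.5. Reference Links
6.5.1. Windows
- Windows Threat Protection
- File Parasitism: Practical Applications of NTFS File Streams
- Summary of Common Backdoor Persistence Methods in Windows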
- LOLBAS
- Penetration Techniques: Deleting a Single Windows Log Entry
- Windows Forensics: Obtaining and Clearing File Execution Records
- Getting DNS Client Cached Entries with CIM/WMI
- Windows Single-Host Persistence
- Dumping RDP Credentials
6.5.1.1. Domain Penetration
- Bypassing the Failed-Logon Count Limit for Domain Accounts
- Domain Penetration Summary
- got domain admin on internal network
- Mitigating Pass-the-Hash (PtH) Attacks and Other Credential Theft Techniques <http://download.microsoft.com/download/7/7/A/77ABC5BD-8320-41AF-863C-6ECFB10CB4B9/Mitigating%20Pass-the-Hash%20(PtH)%20Attacks%20and%20Other%20Credential%20Theft%20Techniques_English.pdf>
- Domain Penetration Study Notes
- QOMPLX Knowledge: Fundamentals of Active Directory Trust Relationships
- Kerberos Golden Tickets Explained in Detail
- DCShadow explained: A technical deep dive into the latest AD attack technique
- Active Directory Security
- Kerberos AD Attacks Kerberoasting
- Kerberos: Delegation Attacks Within a Domain
- adsec An introduction to Active Directory security
- Attacking Active Directory
- Certified Pre-Owned Abusing Active Directory Certificate Services
- Microsoft Advanced Threat Analytics
6.5.1.2. Privilege Escalation
- Privilege Escalation in Windows Internal Network Penetration
- UACMe Defeating Windows User Account Control