ADenum
Find misconfiguration through LDAP to exploit weaknesses with Kerberos.
LDAP :
- Enum Domain Admin users
- Enum Domain Controllers
- Enum Domain users with Password Not Expire
- Enum Domain users with old password
- Enum Domain users with interesting description
- Enum Domain users with not the default encryption
- Enum Domain users with Protecting Privileged Domain Accounts
- Enum Domain users with not default object Attributes
Kerberos :
- AS-REP Roastable
- Kerberoastable
- Password cracking with john (krb5tgs and krb5asrep)