Enumeration:

	1. https://nored0x.github.io/red-teaming/active-directory-domain-enumeration-part-1/

	2. https://learn.microsoft.com/en-us/answers/questions/929688/best-practice-to-prevent-active-directory-enumerat

	3. https://www.exploit-db.com/docs/english/46990-active-directory-enumeration-with-powershell.pdf

	4. https://payatu.com/blog/ad-enumeration-without-external-scripts/

	5. https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/active-directory-enumeration-with-powerview

	BloodHound:

		1. https://www.pentestpartners.com/security-blog/bloodhound-walkthrough-a-tool-for-many-tradecrafts/

		2. https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/abusing-active-directory-with-bloodhound-on-kali-linux

		3. https://bloodhound.readthedocs.io/en/latest/

		4. https://book.hacktricks.xyz/windows-hardening/active-directory-methodology/bloodhound

		5. https://www.hackingarticles.in/active-directory-enumeration-bloodhound/

Exploitation:

	1. https://ethicalhackersacademy.com/blogs/ethical-hackers-academy/active-directory

	2. https://casvancooten.com/posts/2020/11/windows-active-directory-exploitation-cheat-sheet-and-command-reference/

	3. https://adsecurity.org/?cat=347

	4. https://ringzer0.training/trainings/advanced-active-directory-exploitation.html

	5. https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet

Lateral Movement:

	1. https://riccardoancarani.github.io/2019-10-04-lateral-movement-megaprimer/

	2. https://www.ired.team/offensive-security/lateral-movement

	3. https://www.nopsec.com/blog/exploiting-kerberos-for-lateral-movement-and-privilege-escalation/

	4. https://windowstechno.com/what-is-lateral-movement/

	5. https://github.com/Integration-IT/Active-Directory-Exploitation-Cheat-Sheet/blob/master/G%20-%20Lateral%20Movement/README.md

	6. https://github.com/MicrosoftDocs/ATADocs/blob/master/ATPDocs/playbook-lateral-movement.md

	7. https://github.com/topics/lateral-movementhttps://github.com/0xJs/RedTeaming_CheatSheet/blob/main/windows-ad/Lateral-Movement.md

	8. https://www.hackingarticles.in/lateral-movement-pass-the-ticket-attack/

	9. https://book.hacktricks.xyz/windows-hardening/active-directory-methodology/pass-the-ticket

	PsExec:

		1. https://www.mindpointgroup.com/blog/lateral-movement-with-psexec

		2. https://book.hacktricks.xyz/windows-hardening/lateral-movement/psexec-and-winexec

		3. https://pentestlab.blog/tag/psexec/

		4. https://www.hackingarticles.in/lateral-movement-pass-the-hash-attack/

		5. https://miloserdov.org/?tag=psexec

Pivoting:

	1. https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Network%20Pivoting%20Techniques.md

	2. https://github.com/RedTeamOperations/PivotSuite

	3. https://github.com/t3l3machus/pentest-pivoting

	4. https://github.com/topics/pivoting

	5. https://zindagitech.com/hacking-methodology-how-to-do-network-pivoting/

	6. https://www.eccouncil.org/cybersecurity-exchange/penetration-testing/pivoting-penetration-testing/

	7. https://www.coresecurity.com/blog/pivoting-penetration-testing

	8. https://initone.dz/network-pivoting/

	9. https://www.geeksforgeeks.org/pivoting-moving-inside-a-network/

	10. https://medium.com/@6c2e6e2e/network-pivoting-like-a-pro-2fa04a569d8c

	11. https://miloserdov.org/?p=2973

	12. https://nullsweep.com/pivot-cheatsheet-for-pentesters/

	13. https://alomancy.gitbook.io/guides/cheat-sheets/tunnelling-pivoting-and-proxies

	14. https://oscp.infosecsanyam.in/pivoting

	15. https://infosecwriteups.com/pivoting-techniques-with-thm-wreath-95fecba1b580

	Chisel:

		1. https://ap3x.github.io/posts/pivoting-with-chisel/

		2. https://n3nu.medium.com/how-to-pivot-using-chisel-e59b1987e252

		3. https://www.reddit.com/r/oscp/comments/unjv7h/guide_pivoting_with_chisel/

		4. https://blog.mkiesel.ch/posts/oscp_pivoting/

		5. https://0xdf.gitlab.io/2020/08/10/tunneling-with-chisel-and-ssf-update.html

	Socat:

		1. https://systemweakness.com/the-art-of-pivoting-using-socat-forward-reverse-7dfd99871607

		2. https://artkond.com/2017/03/23/pivoting-guide/


Post Exploitation:

	1. https://infosecwriteups.com/post-exploitation-basics-in-active-directory-enviorment-by-hashar-mujahid-d46880974f87

	2. https://bbinfosec.medium.com/windows-active-directory-reconnaissance-48c2bd70388

	3. https://dft.wiki/?p=2632

	4. https://hackersploit.org/windows-post-exploitation-tutorials/

	5. https://github.com/infosecn1nja/AD-Attack-Defense

	6. https://github.com/tmenochet/ADThief

	7. https://github.com/0xsyr0/Red-Team-Playbooks/blob/master/7-Actions-on-Objective/7.1-Post-Exploitation.md

	8. https://github.com/mubix/post-exploitation/blob/master/win32bins/activedirectory/readme.md

	9. https://www.techtarget.com/searchsecurity/tutorial/Mimikatz-tutorial-How-it-hacks-Windows-passwords-credentials

	10. https://www.hackingarticles.in/understanding-guide-mimikatz/

	11. https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Mimikatz.md

	12. https://book.hacktricks.xyz/windows-hardening/stealing-credentials/credentials-mimikatz

Persistence:

	1. https://www.hackingarticles.in/domain-persistence-computer-accounts/

	2. https://adsecurity.org/?p=1929

	3. https://pentestlab.blog/2022/01/04/domain-persistence-adminsdholder/

	4. https://book.hacktricks.xyz/windows-hardening/active-directory-methodology/ad-certificates/domain-persistence

	5. https://benheater.com/tryhackme-persisting-active-directory/

	6. https://notes.offsec-journey.com/persistence/persistence

	7. https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/how-to-abuse-and-backdoor-adminsdholder-to-obtain-domain-admin-persistence

	8. https://www.coresecurity.com/blog/getting-inside-mind-attacker-after-breach-achieving-persistence-golden-and-silver-tickets

	9. https://blog.quest.com/golden-ticket-attacks-how-they-work-and-how-to-defend-against-them/

	10. https://www.ired.team/offensive-security-experiments/active-directory-kerberos-abuse/kerberos-golden-tickets

	11. https://www.hackingarticles.in/domain-persistence-golden-ticket-attack/

	12. https://book.hacktricks.xyz/windows-hardening/active-directory-methodology/golden-ticket

	13. https://book.hacktricks.xyz/windows-hardening/active-directory-methodology/silver-ticket

	14. https://www.hackingarticles.in/domain-persistence-silver-ticket-attack/

	15. https://www.hackingarticles.in/a-detailed-guide-on-rubeus/


Tools:

	1. https://github.com/theyoge/AD-Pentesting-Tools

	2. https://github.com/S3cur3Th1sSh1t/Pentest-Tools

	3. https://github.com/expl0itabl3/Toolies

	1. Enumeration

		1. ADEnum: https://github.com/SecuProject/ADenum

		2. adPEAS: https://github.com/61106960/adPEAS

		3. BloodHound

			1. https://github.com/BloodHoundAD/BloodHound

			2. https://github.com/fox-it/BloodHound.py

			3. https://github.com/BloodHoundAD/SharpHound

		4. PowerView: https://github.com/PowerShellMafia/PowerSploit/blob/master/Recon/PowerView.ps1

		5. PowerUp: https://github.com/PowerShellMafia/PowerSploit/blob/master/Privesc/PowerUp.ps1

		6. Kerbrute: https://github.com/ropnop/kerbrute

	2. Lateral Movement

		1. PsExec SysInternals: https://learn.microsoft.com/en-us/sysinternals/downloads/psexec

		2. PsExec: https://github.com/fortra/impacket/blob/master/examples/psexec.py

		3. https://hackmag.com/security/lateral-guide/

		4. SMBExec: https://book.hacktricks.xyz/windows-hardening/lateral-movement/smbexec

		5. WMIExec: https://github.com/fortra/impacket/blob/master/examples/wmiexec.py

		6. Evil-WinRM: https://github.com/Hackplayers/evil-winrm

	3. Privilege Escalation

		1. Kerberoast: https://github.com/nidem/kerberoast

		2. ASREPRoast: https://github.com/HarmJ0y/ASREPRoast

		3. PrintNightmare: https://github.com/nemo-wq/PrintNightmare-CVE-2021-34527

	4. Post Exploitation

		1. Mimikatz: https://github.com/ParrotSec/mimikatz

		2. Rubeus: https://www.hackingarticles.in/a-detailed-guide-on-rubeus/

	5. Persistence

		1. Impacket Toolkit: https://github.com/fortra/impacket


Articles:

	1. https://assets.sentinelone.com/identity-security-solutions/AD-Security-Checklist?utm_content=demo-request&utm_medium=paid-search&utm_source=google-paid&utm_campaign=identity_threat_detection_response-mobile_device_only-nam-cl-s1-dg-nam-us-en-g-s&utm_term=active%20directory%20protection&utm_campaignid=19596840144&utm_adgroup=152298893944&utm_target=kwd-321754073664&utm_device=c&utm_type=b&utm_creative=645911874637&utm_network=g&utm_location=9062140&utm_adposition=&utm_aceid=&utm_adgroupname=active_directory&gclid=Cj0KCQjwk7ugBhDIARIsAGuvgPYH48-sk18AhIyagykvxp6SAiNhbbulnMn9hrkAHFQMOch3tYreUl4aAgcaEALw_wcB#page=1

	2. https://book.hacktricks.xyz/windows-hardening/active-directory-methodology

	3. https://zer1t0.gitlab.io/posts/attacking_ad/

Cheatsheets:
	
	1. https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet

	2. https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md

	3. https://github.com/topics/active-directory-exploitation

	4. https://github.com/esidate/pentesting-active-directory

	5. https://github.com/geeksniper/active-directory-pentest

	6. https://github.com/DeanOfCyber/Active-Directory-Penetration-Testing-and-Security

	7. https://github.com/theyoge/AD-Pentesting-Tools

	8. https://gist.github.com/ssstonebraker/a1964b2f20acc8edb239409b6c4906ce

Practice Labs:

	2. https://rootdse.org/posts/active-directory-lab-setup-forest/

	3. https://thehackerish.com/easy-and-free-active-directory-lab-setup/

	4. https://macrosec.tech/index.php/2021/07/19/building-a-basic-active-directory-lab/

	5. https://docs.microsoft.com/en-us/learn/modules/introduction-to-ad-ds/1-introduction

	6. https://robertscocca.medium.com/building-an-active-directory-lab-82170dd73fb4

	7. Labs

		1. https://github.com/WazeHell/vulnerable-AD

		2. https://github.com/Orange-Cyberdefense/GOAD

		3. https://github.com/alebov/AD-lab

		4. https://github.com/JonCyberGuy/ActiveDirectoryLab

		5. https://github.com/WaterExecution/vulnerable-AD-plus

		6. https://github.com/christophetd/Adaz

		7. https://github.com/oehrlis/ad-lab

		8. https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet#golden-ticket-attack


Books:
	
	Basics:
	
		1. https://www.amazon.in/Mastering-Active-Directory-Dishan-Francis/dp/1787289354

		2. https://www.oreilly.com/library/view/active-directory-5th/9781449361211/

		3. https://www.amazon.com/dp/B08Y4RLPTN?tag=uuid10-20

		4. https://www.amazon.com/dp/1542480442?tag=uuid10-20

		5. https://www.amazon.com/dp/1789806984?tag=uuid10-20

		6. https://www.amazon.com/dp/0137834462?tag=uuid10-20

		7. https://www.amazon.com/dp/1789347394?tag=uuid10-20

	Pentesting:

		1. https://owasp.org/www-pdf-archive/OWASP_FFM_41_OffensiveActiveDirectory_101_MichaelRitter.pdf

		2. https://www.oreilly.com/library/view/advanced-infrastructure-penetration/9781788624480/

		3. https://subscription.packtpub.com/book/security/9781801818933/14/ch14lvl1sec94/attacking-active-directory

		4. https://pentestmag.com/product/pentest-active-directory-pentesting/