Tellsanguis
ed989ff004
- Add all project documentation pages in French and English - Include PDF viewers for presentations and documents (P10, P12) - Add collapsible sections for scripts and logs (P10) - Add static assets for all projects - Update sidebars with new projets-openclassrooms category - Add npm start:en script for testing English locale
2.3 KiB
2.3 KiB
| sidebar_position |
|---|
| 12 |
P12 - Active Directory Security Audit
Context
Offensive security audit of a clinic's Windows domain and Active Directory: penetration testing, vulnerability identification and remediation plan.
Objectives
- Perform a complete AD security audit
- Identify exploitable vulnerabilities
- Demonstrate risks through proof of concepts
- Propose a corrective action plan aligned with ANSSI/NIST
Methodology
- Reconnaissance: domain enumeration
- Exploitation: controlled penetration tests
- Post-exploitation: privilege escalation
- Report: vulnerabilities and remediations
Tools Used
| Tool | Usage |
|---|---|
| nmap | Network and service scanning |
| enum4linux | SMB/AD enumeration |
| Kerberoasting | Kerberos ticket extraction |
| Mimikatz | Credential extraction |
| BloodHound | AD attack path analysis |
Identified Vulnerabilities (Examples)
| Vulnerability | Criticality | Risk |
|---|---|---|
| Accounts with SPN and weak password | Critical | Kerberoasting -> privileged access |
| NTLM enabled | High | Pass-the-Hash |
| Unconstrained delegation | High | Identity impersonation |
| Cleartext passwords (GPP) | Critical | Immediate compromise |
Deliverables
Pentest Report (PDF)
Detailed document of penetration tests performed and identified vulnerabilities.
Corrective Action Plan (PDF)
Remediation plan with action prioritization according to criticality level.
Presentation (PDF)
Presentation slides for stakeholder reporting.
Skills Acquired
- Security audit methodology
- Pentesting tools usage
- Active Directory vulnerability analysis
- Audit report writing
- Remediation plan development
- Results presentation to stakeholders