https://blog.lameiro0x.com/tags/ad/Recent content in AD on Miguel Lameiro | Cybersecurity Blog & Security WriteupsHugo -- 0.161.1en-usSat, 25 Apr 2026 00:00:00 +0000https://blog.lameiro0x.com/notes/information-gathering/active-directory-enumeration/Sun, 19 Apr 2026 00:00:00 +0000https://blog.lameiro0x.com/notes/information-gathering/active-directory-enumeration/<h1 id="introduction">Introduction</h1> <p>Active Directory enumeration is the process of building a usable map of a Windows enterprise environment so later privilege escalation and lateral movement are based on facts instead of guesses. In a real engagement, the goal is rarely &ldquo;list everything&rdquo; for its own sake. The real goal is to identify valid users, critical hosts, trust relationships, weak controls, exposed services, and data that can be turned into access, escalation, or persistence.</p>https://blog.lameiro0x.com/notes/exploitation/active-directory-exploitation/Sat, 25 Apr 2026 00:00:00 +0000https://blog.lameiro0x.com/notes/exploitation/active-directory-exploitation/<h1 id="introduction">Introduction</h1> <p>Active Directory exploitation is the phase where raw enumeration data becomes actual control over users, hosts, and eventually the domain itself. By this point, the tester is no longer just collecting names, groups, and services, but turning those relationships into passwords, tickets, shells, replication rights, and privileged access. The important shift is strategic: instead of asking &ldquo;what exists,&rdquo; the question becomes &ldquo;which path gives the highest-value access with the least effort and the lowest operational cost.&rdquo;</p>