
Active Directory Attacks

Active Directory enumeration and attacks

180 min
Tier 3

Key Concepts

Security Mindset

Think like an attacker - what can go wrong, what can be abused?

Defense in Depth

Multiple layers of security controls, no single point of failure.

Least Privilege

Grant minimum permissions needed for functionality.

Trust Boundaries

Identify where data crosses trust levels and validate at each boundary.

Learning Material

What You'll Learn

Active Directory enumeration and attacks


Network Security - Section Index

Overview

Network security encompasses the policies, practices, and technologies designed to protect the integrity, confidentiality, and availability of computer networks and data. This section covers fundamental network security concepts, attack vectors, defensive mechanisms, and practical techniques for securing network infrastructure.

Network security operates across multiple layers of the OSI model and requires a defense-in-depth approach combining technical controls, monitoring, and incident response capabilities.


Section Navigation

Core Topics

Directory          Focus Area          Key Topics
protocols/         Protocol Security   TCP/IP, DNS, ARP, BGP, DHCP vulnerabilities
firewalls_ids/     Perimeter Defense   Firewall rules, IDS/IPS, WAF, network segmentation
wireless/          Wireless Security   WiFi attacks, WPA/WPA2/WPA3, Bluetooth, cellular
network_attacks/   Attack Techniques   MITM, sniffing, pivoting, lateral movement

Quick References

  • Protocol Analysis: protocols/techniques.md - Deep dive into network protocol vulnerabilities
  • Attack Techniques: network_attacks/techniques.md - Offensive network security techniques
  • Defense Strategies: firewalls_ids/ - Defensive network controls
  • Case Studies: case_studies/ - Real-world incidents (VPN exploits, network breaches)

OSI Model Security Analysis

Understanding network security requires mapping threats and controls to each layer of the OSI model. Each layer presents unique attack surfaces and requires specific defensive measures.

Layer 7 - Application Layer

Security Concerns:

- Application-level protocol vulnerabilities (HTTP, FTP, SMTP, DNS)
- Web application attacks (XSS, SQLi, command injection)
- API security and authentication bypass
- Malware and phishing delivered via application protocols

Attack Vectors:

- HTTP request smuggling
- DNS tunneling for data exfiltration
- SMTP header injection
- FTP bounce attacks
- Application-layer DDoS (HTTP flood, Slowloris)

Defensive Controls:

- Web Application Firewalls (WAF)
- Application-layer proxies
- Deep packet inspection (DPI)
- Content filtering and URL categorization
- TLS/SSL inspection

Key Protocols: HTTP/HTTPS, DNS, FTP, SMTP, IMAP, POP3, SSH, Telnet, SNMP
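DNS tunneling is the attack vector on this list that is easiest to miss with a port-based firewall, because the traffic is legitimate-looking DNS. The detector below is an added example (not code from this page or from any project it references): it scores each query on label length, subdomain entropy and bulky record types, then groups hits per client and registered domain. The log format, the thresholds and the sample lines are all constructed assumptions for illustration and would need tuning against a real baseline.

```python
"""Heuristic DNS-tunnelling detector run over constructed query logs.

Added example; not code from this page or from any project it references.
Log format, field names and the thresholds below are assumptions chosen
for illustration and should be tuned against a real baseline.
"""
import math
from collections import defaultdict

# Constructed sample log lines (not real traffic): "<ts> <client-ip> <qtype> <qname>".
# Client 10.0.0.9 issues TXT queries whose leftmost label carries base64-like payload.
SAMPLE_LOG = """\
1700000000 10.0.0.5 A www.example.com
1700000001 10.0.0.5 A mail.example.com
1700000002 10.0.0.9 TXT aGVsbG8gd29ybGQgdGhpcyBpcyBhIHRlc3Q.3f9a1c.tun.example.net
1700000003 10.0.0.9 TXT c2Vjb25kIGNodW5rIG9mIGRhdGEgZ29lcyBoZXJl.3f9a1d.tun.example.net
1700000004 10.0.0.9 TXT dGhpcmQgY2h1bmsgYW5kIG1vcmUgYnl0ZXMgdG8gc2VuZA.3f9a1e.tun.example.net
1700000005 10.0.0.9 TXT Zm91cnRoIGNodW5rIGZpbmlzaGVzIHRoZSBmaWxl.3f9a1f.tun.example.net
1700000006 10.0.0.5 AAAA cdn.example.com
"""


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character of s (0.0 for empty input)."""
    if not s:
        return 0.0
    counts = defaultdict(int)
    for ch in s:
        counts[ch] += 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def registered_domain(qname: str) -> str:
    """Crude 'last two labels' approximation; a public-suffix list is better in practice."""
    labels = qname.rstrip(".").split(".")
    return ".".join(labels[-2:])


def parse_log(text: str):
    """Yield one dict per constructed log line."""
    for line in text.splitlines():
        ts, client, qtype, qname = line.split()
        yield {"ts": int(ts), "client": client, "qtype": qtype, "qname": qname}


def score_query(q, *, max_label=30, min_entropy=3.5, bulky_len=30):
    """Return the list of reasons a single query looks like a tunnel carrier."""
    reasons = []
    labels = q["qname"].rstrip(".").split(".")
    subdomain = ".".join(labels[:-2])  # everything left of the registered domain
    if any(len(label) > max_label for label in labels):
        reasons.append("long-label")
    if shannon_entropy(subdomain) >= min_entropy:
        reasons.append("high-entropy")
    # TXT/NULL/CNAME answers carry arbitrary data and are the usual downstream channel
    if q["qtype"] in ("TXT", "NULL", "CNAME") and len(subdomain) > bulky_len:
        reasons.append("bulky-" + q["qtype"].lower())
    return reasons


def detect_tunnels(text: str, *, min_hits=3):
    """Group flagged queries by (client, registered domain); report groups with >= min_hits."""
    hits = defaultdict(list)
    for q in parse_log(text):
        reasons = score_query(q)
        if reasons:
            hits[(q["client"], registered_domain(q["qname"]))].append(reasons)
    report = {}
    for key, reason_lists in hits.items():
        if len(reason_lists) >= min_hits:
            report[key] = {"queries": len(reason_lists),
                           "reasons": sorted({r for rs in reason_lists for r in rs})}
    return report


if __name__ == "__main__":
    for (client, domain), info in detect_tunnels(SAMPLE_LOG).items():
        print(f"{client} -> {domain}: {info['queries']} suspicious queries ({', '.join(info['reasons'])})")
```

Each heuristic alone produces false positives (CDNs and anti-spam services use long, high-entropy labels), which is why the verdict is made per client-and-domain pair over several queries rather than per packet.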

Layer 6 - Presentation Layer

Security Concerns:

- Encryption and decryption vulnerabilities
- Data format manipulation
- Character encoding attacks
- Compression-based attacks (CRIME, BREACH)

Attack Vectors:

- SSL/TLS downgrade attacks
- Certificate spoofing
- Compression oracle attacks
- Format string vulnerabilities
- Character encoding bypass (UTF-7, overlong UTF-8)

Defensive Controls:

- Strong encryption standards (TLS 1.3)
- Certificate pinning
- Proper input encoding/decoding
- Compression disabling for sensitive data
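The overlong UTF-8 bypass listed above works because a byte-level filter and a lenient decoder disagree about what a request means. The following is an added example (not code from this page or any project it references): a deliberately permissive toy decoder that accepts the non-shortest form 0xC0 0xAF as '/', next to the strict standard-library decode that rejects it, both driven through the same traversal filter. The request paths are constructed.

```python
"""Overlong UTF-8: the decoder, not the byte filter, decides what '../' means.

Added example; not code from this page or any project it references.
lenient_utf8_decode is a deliberately permissive toy that mimics decoders
which accept non-shortest-form sequences; the strict path is Python's
standard codec, which rejects them. The request paths are constructed.
"""
from urllib.parse import unquote_to_bytes


def lenient_utf8_decode(data: bytes) -> str:
    """Toy decoder for ASCII and 2-byte sequences WITHOUT a shortest-form check.

    0xC0 0xAF decodes to U+002F ('/') here. A conforming decoder must reject it,
    because '/' has the 1-byte form 0x2F; omitting that check is the defect shown.
    Sequences of 3 or more bytes are out of scope and raise.
    """
    out = []
    i = 0
    while i < len(data):
        b = data[i]
        if b < 0x80:
            out.append(chr(b))
            i += 1
        elif 0xC0 <= b <= 0xDF and i + 1 < len(data) and 0x80 <= data[i + 1] <= 0xBF:
            out.append(chr(((b & 0x1F) << 6) | (data[i + 1] & 0x3F)))
            i += 2
        else:
            raise ValueError(f"unsupported or truncated sequence at offset {i}")
    return "".join(out)


def strict_utf8_decode(data: bytes):
    """Conforming decode: returns None for any malformed or overlong input."""
    try:
        return data.decode("utf-8")
    except UnicodeDecodeError:
        return None


def raw_filter_ok(raw: bytes) -> bool:
    """Byte-level traversal filter applied BEFORE decoding (the ordering mistake)."""
    return b"../" not in raw and b"..\\" not in raw


def decode_request_path(url_path: str, strict: bool = True):
    """Percent-decode, run the byte filter, then UTF-8 decode.

    Returns (verdict, decoded_path). With strict=False the filter is bypassed
    because the decoder re-creates '../' from bytes the filter never saw.
    """
    raw = unquote_to_bytes(url_path)
    if not raw_filter_ok(raw):
        return ("blocked-by-filter", None)
    text = strict_utf8_decode(raw) if strict else lenient_utf8_decode(raw)
    if text is None:
        return ("rejected-malformed", None)
    if "../" in text or "..\\" in text:
        return ("traversal-after-decode", text)
    return ("ok", text)


if __name__ == "__main__":
    for path in ("/static/app.js", "../etc/passwd", "..%c0%af..%c0%afetc/passwd"):
        print(f"{path!r}: strict={decode_request_path(path)} "
              f"lenient={decode_request_path(path, strict=False)}")
```

The fix is the order of operations as much as the decoder: canonicalize (percent-decode, then strict UTF-8 decode, then path normalization) first, and apply the traversal check to the canonical form.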

Layer 5 - Session Layer

Security Concerns:

- Session management vulnerabilities
- Authentication bypass
- Session hijacking and fixation
- RPC/API session security

Attack Vectors:

- Session hijacking via token theft
- Session fixation attacks
- NetBIOS/SMB session attacks
- RPC enumeration and exploitation
- Session replay attacks

Defensive Controls:

- Secure session token generation (CSPRNG-derived, sufficient length)
- Session timeout policies (idle and absolute)
- Session binding to client attributes (IP/User-Agent), bearing in mind that IP binding breaks for clients behind NAT or roaming between networks
- Mutual authentication
- Session encryption

Layer 4 - Transport Layer

Security Concerns:

- TCP/UDP protocol vulnerabilities
- Port scanning and service enumeration
- Connection state manipulation
- Transport layer denial of service

Attack Vectors:

- SYN flood attacks
- TCP session hijacking
- TCP reset attacks
- UDP flood attacks
- Port scanning (SYN, ACK, FIN, XMAS, NULL)
- TCP sequence prediction

Defensive Controls:

- SYN cookies
- Rate limiting
- Connection timeout tuning
- Stateful firewalls
- TCP wrapper configurations
- Port knocking

Key Protocols: TCP, UDP, SCTP
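The scan types named above (SYN, ACK, FIN, XMAS, NULL) are defined purely by the TCP flag combination, and a SYN flood is visible as SYNs that are never followed by the client's ACK. The code below is an added example (not code from this page or any project it references) that classifies per-packet flag sets and then reports a source probing many ports and a flow accumulating half-open connections. The packet records and thresholds are constructed assumptions.

```python
"""Classify TCP probe types and half-open SYN bursts from packet metadata.

Added example; not code from this page or any project it references.
Records are constructed (ts, src, dst, dport, flags) tuples, flags being a
set of TCP flag names, the shape a pcap parser would hand you.
The thresholds are assumptions for illustration.
"""
from collections import defaultdict


def probe_type(flags) -> str:
    """Map a packet's flag set to the scan type it matches, or 'other'."""
    f = frozenset(flags)
    if not f:
        return "NULL"
    if f == {"FIN"}:
        return "FIN"
    if f == {"FIN", "PSH", "URG"}:
        return "XMAS"
    if f == {"SYN"}:
        return "SYN"
    if f == {"ACK"}:
        return "ACK"
    return "other"


# Constructed client-to-server traffic (not a real capture).
SAMPLE = [
    # 10.0.0.5: ordinary client completing a handshake to 443
    (1, "10.0.0.5", "10.0.0.1", 443, {"SYN"}),
    (2, "10.0.0.5", "10.0.0.1", 443, {"ACK"}),
    (3, "10.0.0.5", "10.0.0.1", 443, {"PSH", "ACK"}),
    # 10.0.0.7: XMAS probes across six ports
    *[(10 + i, "10.0.0.7", "10.0.0.1", p, {"FIN", "PSH", "URG"})
      for i, p in enumerate((21, 22, 23, 25, 80, 443))],
    # 10.0.0.8: six SYNs to port 80 and never an ACK (half-open connections)
    *[(20 + i, "10.0.0.8", "10.0.0.1", 80, {"SYN"}) for i in range(6)],
]


def analyze(packets, *, scan_ports=5, half_open=4):
    """Return findings sorted by source.

    port-scan: a source sending probe-type packets to >= scan_ports distinct ports.
    syn-flood: a (src, dst, dport) flow with >= half_open SYNs not matched by a
    later client ACK (the third handshake packet or any data packet).
    """
    ports_by_src = defaultdict(set)
    probes_by_src = defaultdict(set)
    syn_by_flow = defaultdict(int)
    ack_by_flow = defaultdict(int)
    for _ts, src, dst, dport, flags in packets:
        kind = probe_type(flags)
        flow = (src, dst, dport)
        if kind == "SYN":
            syn_by_flow[flow] += 1
        elif "ACK" in flags:
            ack_by_flow[flow] += 1
        if kind != "other":
            ports_by_src[src].add(dport)
            probes_by_src[src].add(kind)
    findings = []
    for src, ports in ports_by_src.items():
        if len(ports) >= scan_ports:
            findings.append({"src": src, "kind": "port-scan",
                             "probes": sorted(probes_by_src[src]), "ports": len(ports)})
    for (src, dst, dport), n in syn_by_flow.items():
        pending = n - ack_by_flow.get((src, dst, dport), 0)
        if pending >= half_open:
            findings.append({"src": src, "kind": "syn-flood",
                             "dport": dport, "half_open": pending})
    return sorted(findings, key=lambda f: (f["src"], f["kind"]))


if __name__ == "__main__":
    for finding in analyze(SAMPLE):
        print(finding)
```

A real sensor would age the counters by time window rather than keep them forever, and a spoofed-source flood shows up as many single-SYN flows instead of one deep one, which is why SYN cookies on the server remain the control of record.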

Layer 3 - Network Layer

Security Concerns:

- IP routing vulnerabilities
- Packet manipulation and spoofing
- Routing protocol attacks
- Network-layer DoS

Attack Vectors:

- IP spoofing
- ICMP attacks (Smurf, ping of death, ICMP tunneling)
- BGP hijacking
- Route injection/manipulation
- Fragmentation attacks
- IP source routing exploitation

Defensive Controls:

- Ingress/egress filtering (BCP38)
- IP source validation
- ICMP rate limiting
- RPKI for BGP security
- IPsec for packet authentication
- Network segmentation

Key Protocols: IP, ICMP, IGMP, IPsec, OSPF, BGP, RIP

Layer 2 - Data Link Layer

Security Concerns:

- MAC address spoofing
- Switch security vulnerabilities
- VLAN security issues
- Layer 2 DoS attacks

Attack Vectors:

- ARP spoofing/poisoning
- MAC flooding (CAM table overflow)
- VLAN hopping (switch spoofing, double ta
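ARP spoofing is detectable from the replies alone: a binding for an IP changes to a new MAC, and one MAC starts answering for several IPs, typically the gateway plus a victim. The following is an added example (not code from this page or any project it references) that keeps an IP-to-MAC table seeded from a trusted source and raises both alerts. The addresses, the reply records and the pre-seeded binding are constructed assumptions; in practice the trusted table would come from DHCP snooping or a static gateway entry.

```python
"""ARP cache poisoning detector over a constructed stream of ARP replies.

Added example; not code from this page or any project it references.
Input records are constructed (ts, sender_ip, sender_mac) tuples from ARP
replies seen on one segment. KNOWN_BINDINGS stands in for a trusted source
such as DHCP-snooping bindings or a static gateway entry; the addresses and
the pre-seeded table are assumptions.
"""
from collections import defaultdict

GATEWAY_IP = "192.168.1.1"
KNOWN_BINDINGS = {GATEWAY_IP: "00:11:22:33:44:01"}  # assumed trusted binding

# Constructed replies: host B (...:30) first answers for itself, then starts
# answering for the gateway and for host A, the classic two-sided MITM pattern.
SAMPLE_REPLIES = [
    (1, "192.168.1.1",  "00:11:22:33:44:01"),
    (2, "192.168.1.20", "00:11:22:33:44:20"),
    (3, "192.168.1.30", "00:11:22:33:44:30"),
    (4, "192.168.1.1",  "00:11:22:33:44:30"),
    (5, "192.168.1.20", "00:11:22:33:44:30"),
]


def watch_arp(replies, known=None):
    """Return (table, alerts).

    table: IP -> MAC as learned from replies; trusted bindings are never
    overwritten, mirroring what dynamic ARP inspection does with snooping data.
    alerts: 'binding-changed' when an IP moves to a new MAC (flagged 'trusted'
    if the old binding came from the trusted table) and
    'mac-claims-multiple-ips' the first time one MAC answers for >1 IP.
    """
    known = {ip: mac.lower() for ip, mac in (known or {}).items()}
    table = dict(known)
    ips_by_mac = defaultdict(set)
    multi_alerted = set()
    alerts = []
    for ts, ip, mac in replies:
        mac = mac.lower()
        prev = table.get(ip)
        if prev is not None and prev != mac:
            alerts.append({"ts": ts, "type": "binding-changed", "ip": ip,
                           "old": prev, "new": mac, "trusted": ip in known})
        if ip not in known:
            table[ip] = mac
        ips_by_mac[mac].add(ip)
        if len(ips_by_mac[mac]) > 1 and mac not in multi_alerted:
            multi_alerted.add(mac)
            alerts.append({"ts": ts, "type": "mac-claims-multiple-ips", "mac": mac,
                           "ips": sorted(ips_by_mac[mac]),
                           "gateway": GATEWAY_IP in ips_by_mac[mac]})
    return table, alerts


if __name__ == "__main__":
    _table, found = watch_arp(SAMPLE_REPLIES, KNOWN_BINDINGS)
    for alert in found:
        print(alert)
```

Legitimate binding changes happen (DHCP lease churn, VRRP failover), so the trusted-binding flag and the gateway involvement are what separate an incident from noise; a MAC claiming the gateway address is the alert worth paging on.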

Practical Examples

Practice examples coming soon. Check the Certs section for related labs.

Study Tips

  • Read through the concepts first
  • Try the practice labs hands-on
  • Review flashcards daily
  • Document what you learn in your journal