Penetration Testing Active Directory prepares students to enumerate, analyze, exploit, and dominate Windows enterprise domains using modern red-team and penetration testing techniques throughout an Active Directory forest containing seven domains. Students progress through the full Active Directory attack lifecycle: directory structure analysis, LDAP-based queries and enumeration, credential extraction, Kerberos manipulation, lateral movement across domain trusts, privilege escalation, and domain compromise. The course emphasizes operational tradecraft using tools such as PowerShell, Impacket, Mimikatz, BloodHound, Rubeus, and advanced Windows exploitation frameworks. Students conclude with a Culmination Exercise (CULEX) requiring real-time offensive operations and documentation in a multi-domain enterprise scenario.
Intended Audience: Cyber operators, penetration testers, red team members, and enterprise security professionals who require structured tradecraft for enumerating and exploiting Windows Active Directory environments.