7MS #671: Pentesting GOAD

Update: 2025-04-18

Description

Hello! This week Joe “The Machine” Skeen and I kicked off a series all about pentesting GOAD (Game of Active Directory). In part one we covered:

Checking for null session enumeration on domain controllers
Enumerating systems with and without SMB signing
Scraping AD user account descriptions
Capturing hashes using Responder
Cracking hashes with Hashcat

Comments

In Channel

7MS #691: Tales of Pentest Pwnage – Part 75

2025-09-0531:39

7MS #690: Tales of Pentest Pwnage – Part 74

2025-08-2921:13

7MS #689: Pwning Ninja Hacker Academy – Part 2

2025-08-2215:40

7MS #688: Building a Pentest Training Course Is Fun and Frustrating

2025-08-1622:13

7MS #687: A Peek into the 7MS Mail Bag – Part 5

2025-08-1157:26

7MS #686: Our New Pentest Training Course is Almost Ready

2025-08-0123:30

7MS #685: The Time My Neighbor Almost Got Scammed Out of $13K

2025-07-2522:56

7MS #684: Pwning Ninja Hacker Academy

2025-07-1822:50

7MS #683: What I'm Working on This Week - Part 4

2025-07-1230:50

7MS #682: Securing Your Family During and After a Disaster – Part 7

2025-07-0430:59

7MS #681: Pentesting GOAD – Part 3

2025-06-2718:18

7MS #680: Tips for a Better Purple Team Experience

2025-06-2026:48

7MS #679: Tales of Pentest Pwnage – Part 73

2025-06-1330:12

7MS #678: How to Succeed in Business Without Really Crying – Part 22

2025-06-0633:39

7MS #677: That One Time I Was a Victim of a Supply Chain Attack

2025-05-3013:48

7MS #676: Tales of Pentest Pwnage – Part 72

2025-05-2759:34

7MS #675: Pentesting GOAD – Part 2

2025-05-1631:41

7MS #674: Tales of Pentest Pwnage – Part 71

2025-05-0949:00

7MS #673: ProxmoxRox

2025-05-0330:31

7MS #672: Tales of Pentest Pwnage – Part 70

2025-04-2555:07

00:00

#box-pro-ellipsis-175764955107748{-webkit-line-clamp:2;}7MS #671: Pentesting GOAD

7MS #671: Pentesting GOAD

7MS #671: Pentesting GOAD