// notes/ Active Directory
🏛️

Initial Attack Strategy

Start off with[ Responder ](/active-directory/initial-attack-strategy/llmnr-poisoning.md)and [mitm6](/active-directory/initial-attack-strategy/ipv6-attacks.md) at times where user…

#active directory#adot8
source · oscp.adot8.com · active-directory/initial-attack-strategy

Initial Attack Strategy

Playbook

  • Start off with Responder and mitm6 at times where users are connecting to network drives
  • Scan the network and gather information
  • Bruteforce domain usernames with Kerbrute then password spray
  • Find internal websites in scope. They might have default credentials
  • Be creative