# NTUSTISC - Note ## AD - [0x01 - 環境建置 & Background](https://hackmd.io/@SBK6401/SyA-DsBa2) ### 環境調查Normal - [0x02 - 查詢本地使用者](https://hackmd.io/@SBK6401/Hktcfhw62) - [0x03 - 查詢網域使用者](https://hackmd.io/@SBK6401/BJqJMMECn) - [0x04 - Leak Password](https://hackmd.io/@SBK6401/rkJfMfEAh) - [0x05 - 偵測查詢的操作](https://hackmd.io/@SBK6401/Skh7GGEC2) - [0x06 - 查詢網域群組](https://hackmd.io/@SBK6401/S1k8zM4An) - [0x07 - 當前網域控制站(DC)](https://hackmd.io/@SBK6401/B1hPGGVRh) - [0x08 - BloodHound](https://hackmd.io/@SBK6401/H13mNnPp2) ### 提升權限 - [0x09 - 利用弱點](https://hackmd.io/@SBK6401/SkNdITWA2) - [0x10 - Hijack Token](https://hackmd.io/@SBK6401/r1_sDfNAn) - [0x11 - 偵測提權](https://hackmd.io/@SBK6401/HyisDz4Rn) - [0x12 - 錯誤配置](https://hackmd.io/@SBK6401/Sk1nvGNAn) ### 更多密碼 - [0x13 - Brute Force SAM](https://hackmd.io/@SBK6401/S1KgaEz0h) - [0x14 - Password Spraying](https://hackmd.io/@SBK6401/Byk16MV0n) - [0x15 - 偵測密碼揮灑](https://hackmd.io/@SBK6401/ByTChz4Ch) - [0x16 - 透過Mimikatz取得Local Admin的NTLM](https://hackmd.io/@SBK6401/H15R2zNAh) - [0x17 - 偵測LSASS](https://hackmd.io/@SBK6401/B1DA3fVA2) - [0x18 - 其他方法得到lsass.dmp](https://hackmd.io/@SBK6401/S16T17NCn) - [0x19 - 顯示Mimikatz的明文](https://hackmd.io/@SBK6401/Bk-mYm4R3) - [0x20 - 無法Reboot的時盜取Passwd](https://hackmd.io/@SBK6401/Hk0HXvECh) - [0x21 - AS-REP Roasting](https://hackmd.io/@SBK6401/rk_kO14Jp) ### [會後提及有用的工具和觀念](https://hackmd.io/@SBK6401/SJ6WYPNAn) ### 遠端執行/讀檔 - [0x22 - 遠端執行(RDP)](https://hackmd.io/@SBK6401/rJPbPiVya) - [0x23 - 遠端執行(RDP)2](https://hackmd.io/@SBK6401/Bkxs1SSgp) - [0x24 - SMB遠端讀寫](https://hackmd.io/@SBK6401/Syn5Q8rga) ## DFIR - [0x01 - MrRobot - Target 1](https://hackmd.io/@SBK6401/SkJAThwla) - [0x02 - MrRobot - Target 2](https://hackmd.io/@SBK6401/HJz2FPne6) - [0x03 - MrRobot - POS](https://hackmd.io/@SBK6401/BJpJqDhlp)