# HTB Pro Labs - RastaLabs: Active Directory enumeration and exploitation
## Requirements
* Windows 10 VM
* Kali VM
## Glossary
* Red teaming:
* VPS:
* Agent:
* Reverse shell:
* Command & Control or C2:
* IDS or Intrusion Detection System:
* IPS or Intrusion Prevention System:
* SIEM or Security Information and Event Management:
* OSINT:
* ADFS or Active Directory Federation Services:
* Brute force password attack:
* Password spraying attack: trying a single password against a list of user accounts
## RastaLabs
https://www.hackthebox.com/newsroom/prolab-rastalabs
Defensive controls
* Network segmentation
* Firewall
* Antivirus
## Infrastructure
### VPS
* DigitalOcean Droplets https://www.digitalocean.com/pricing
* AWS EC2
* Google Cloud Compute Engine
### Port mapping
Map ports. `chisel` is detected as malware.
```bash
chisel client 192.168.1.42:8000 R:443:127.0.0.1:443
```
### Command & Control
For a free tier, two C2s are recommended: Covenant and Metasploit.
**Listeners (Covenant) or handlers (MSF)**: the driver that handles the reverse shells.
#### Covenant
**SSL Pinning**:
```bash
dotnet run
```
##### PowerShell launcher
#### Metasploit
### OSINT
SignalHire fluid Attacks
ADFS