# HTB Pro Labs - RastaLabs: Active Directory enumeration and exploitation

## Requirements

* Windows 10 VM
* Kali VM

## Glossary

* Red teaming:
* VPS:
* Agent:
* Reverse shell:
* Command & Control or C2:
* IDS or Intrusion Detection System:
* IPS or Intrusion Prevention System:
* SIEM or Security Information and Event Management
* OSINT:
* ADFS or Active Directory Federation Services:
* Brute force password attack:
* Password Spraying Attack: Spraying a password over a list of passwords

## RastaLabs

https://www.hackthebox.com/newsroom/prolab-rastalabs

Defensive controls

* Network segmentation
* Firewall
* Antivirus

## Infrastructure

### VPS

* Digital Ocean Droplets https://www.digitalocean.com/pricing
* AWS EC2
* Google Cloud Compute Engine

### Port mapping

Map ports. `chisel` is detected as malware.

```bash
chisel client 192.168.1.42:8000 R:443:127.0.0.1:443
```

### Command & Control

For a free tier, two C2s are recommended: Covenant and Metasploit.

**Listeners (Covenant) or handlers (MSF)**: the driver that will handle the reverse shells.

#### Covenant

**SSL Pinning**:

```bash
dotnet run
```

##### PowerShell launcher

#### Metasploit

### OSINT

* SignalHire
* Fluid Attacks
* ADFS