Skip to main content
Support

Security Reconnaissance

Map privilege and identify risk

Advanced~15 mincontoso.com
Security Reconnaissance
PS C:\>
Domain
Group
User
Service
OU

Step 1 of 9

Security Recon Briefing

In this lab you'll perform a security reconnaissance of the contoso.com domain — the kind of assessment a security analyst does when evaluating an AD environment.

Your objectives:

  • Identify all privileged groups and their members
  • Find service accounts that could be targeted
  • Assess the overall attack surface

Click "Continue" to begin the assessment.

Objectives

  • Survey the User Population
  • Enumerate Security Groups
  • Inspect Domain Admins
  • Who Are the Domain Admins?
  • Enterprise Admins
  • Find Service Accounts
  • Service Account Audit
Back to all labs
SourceSudo

Content sourced from Microsoft Documentation, MITRE ATT&CK Framework, NIST SP 800-63/171, adsecurity.org (Sean Metcalf), SpecterOps research, and SANS Reading Room. For educational purposes only.

MITRE ATT&CKADSecurity.org