#activedirectorysecurity — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #activedirectorysecurity, aggregated by home.social.
-
Identity compromise continues to dominate intrusion chains.
From the Sophos Active Adversary Report 2026:
• 67% of initial access attributed to identity abuse
• 3.4-hour median to Active Directory pivot
• 3-day median dwell time
• 88% ransomware deployment off-hours
• 79% data exfiltration off-hours
Directory services remain high-value assets — authentication, authorization, policy control, privilege mapping.
The compressed timeline from credential misuse to directory-level access underscores the need for:
– Continuous identity monitoring
– Behavioral analytics
– After-hours SOC coverage
– Conditional access enforcement
– Least-privilege architecture
Generative AI is functioning as a force multiplier — improving phishing quality and campaign scale - not yet delivering autonomous attack chains.
Is identity governance keeping pace with adversary dwell time compression?
Engage below.
Follow TechNadu for high-signal infosec analysis.
Repost to strengthen industry awareness.
#Infosec #IdentityThreats #RansomwareDefense #ActiveDirectorySecurity #ThreatModeling #GenAI #SecurityOperations #CyberRisk #ZeroTrustArchitecture #DetectionEngineering #EnterpriseSecurity #ThreatHunting
-
Hello everyone.
In today's article we are performing remote active directory pentesting @RealTryHackMe
https://denizhalil.com/2025/06/10/remote-active-directory-pentesting-guide/
#activedirectory #activedirectoryenumeration #activedirectorypentesting #activedirectorysecurity #impacket #ethicalhacking #cybersecurity
-
Windows Server 2025’s BadSuccessor flaw lets attackers hijack any Active Directory account—even admins—with minimal access. Default configs are at risk, and no patch is out yet. Don’t wait to secure your AD! #ActiveDirectorySecurity
-
What is Active Directory Security: A Comprehensive Guide
https://denizhalil.com/2025/04/28/what-is-active-directory-security/
#activedirectory #activedirectorysecurity #ethicalhacking #networksecurity #windowsserver #adsecurity #grouppolicysecurity
-
Hello everyone.
In today's article we are examining Enumerating Active Directory Accounts with kerbrute.
I wish everyone good work:
https://denizhalil.com/2025/01/08/kerbrute-active-directory-enumeration/
#kerbrute #activedirectory #activedirectorysecurity #bruteforcatacks #ethicalhacking #redteam #pentesting #securitytools
-
The Complete Active Directory Security Handbook: https://karim-ashraf.gitbook.io/karim_ashraf_space/writeups/the-complete-active-directory-security-handbook
-
Detecting and Mitigating Active Directory Compromises: https://media.defense.gov/2024/Sep/25/2003553985/-1/-1/0/CTR-DETECTING-AND-MITIGATING-AD-COMPROMISES.PDF
-
How to Harden Active Directory to Prevent Cyber Attacks: https://www.youtube.com/watch?v=S9u6-rhJl8k
-
So, I'm considering taking some risks and leaning into setting up AD and domain on my home network, with my homelab.
I'm concerned about what risks I should watch out for, and things I should keep in mind while setting it up and configuring it. My only hands-on experience with setting that stuff up was in a lab setting for one of my classes for school, and it was a very basic overview that didn't cover the security risk side of things.
I don't really have a huge need or reason to do this, largely just curious about the setup and management of a dozen or so computers on a small network like this.
Also concerned about configuring my network shares for Android devices that exist on the network, that access the shares for media streaming as well.
#windowsadmin #sysadmin #activedirectory #ActiveDirectorySecurity #domainadmin #infosec #windowssecurity #windowsserver #HomeLabServer #homelab #serveradmin
-
A SANS research paper on Active Directory tactical containment in the event of a compromised directory: https://www.sans.edu/cyber-research/active-directory-tactical-containment-to-curb-domain-dominance/
-
Active Directory Hardening Series by Jerry Devore:
- Part 1 – Disabling NTLMv1: https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/active-directory-hardening-series-part-1-disabling-ntlmv1/ba-p/3934787
- Part 2 – Removing SMBv1: https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/active-directory-hardening-series-part-2-removing-smbv1/ba-p/3988317
- Part 3 – Enforcing LDAP Signing: https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/active-directory-hardening-series-part-3-enforcing-ldap-signing/ba-p/4066233
- Part 4 – Enforcing AES for Kerberos: https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/active-directory-hardening-series-part-4-enforcing-aes-for/ba-p/4114965
-
How to Disable NTLM Authentication in Windows Domain: https://woshub.com/disable-ntlm-authentication-windows/
-
A Hitch-Hacker's Guide To DACL-Based Detections - The Addendum: https://trustedsec.com/blog/a-hitch-hackers-guide-to-dacl-based-detections-the-addendum
-
CW: Free Adalanche Professional license draw
Winter solstice giveaway: one random lucky winner will get a full 3-month commercial license version of my attack graph analyzer Adalanche Professional!
With that you can start the new year doing valuable blue side efforts in your company: find Active Directory problems leading to Domain Admin, locate misconfigured ADCS templates, finally get some tiering done and how about taking a look at who can do what inside your vCenter? To get you going, I'll assist you remotely for two hours (also free) if you want.
There's more info on what you can do with this on https://www.netsection.com
To enter the draw just boost this toot. I'll contact winner via Mastodon DM on Friday (~48 hours from now), and you'll have 24 hours to respond, otherwise I'll pick another winner.
Please note: license is issued to one named AD but can analyze any amount of trusted or trusting domains too.