Exploitation Phase

Now that we've successfully completed Task 6 — gaining valid credentials (username + password) for the domain user alfredo — we are no longer just passive observers. We now have real access to the network.

🛠️ What Comes Next?

With domain credentials in hand, our next phase shifts to Active Directory enumeration and exploitation.

Here’s how we’ll proceed:

Enumerating AD relationships (ldapdomaindump, bloodhound-python)
Escalating privileges using built-in trust paths (net rpc, winPEAS) .
Achieving full control of the system and domain.

Previous6. Password Brute Force via SMB Login Next7. Dump Domain Information via LDAP

Last updated 8 months ago

hashtag🛠️ What Comes Next?

🛠️ What Comes Next?