Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Pentesting Active Directory and Windows-based Infrastructure
Pentesting Active Directory and Windows-based Infrastructure

Pentesting Active Directory and Windows-based Infrastructure: A comprehensive practical guide to penetration testing Microsoft infrastructure

Arrow left icon
Profile Icon Denis Isakov
Arrow right icon
$12.99 per month
Full star icon Full star icon Full star icon Full star icon Half star icon 4.9 (14 Ratings)
Paperback Nov 2023 360 pages 1st Edition
eBook
$35.99
Paperback
$44.99
Subscription
Free Trial
Renews at $12.99p/m
Arrow left icon
Profile Icon Denis Isakov
Arrow right icon
$12.99 per month
Full star icon Full star icon Full star icon Full star icon Half star icon 4.9 (14 Ratings)
Paperback Nov 2023 360 pages 1st Edition
eBook
$35.99
Paperback
$44.99
Subscription
Free Trial
Renews at $12.99p/m
eBook
$35.99
Paperback
$44.99
Subscription
Free Trial
Renews at $12.99p/m

What do you get with a Packt Subscription?

Free for first 7 days. $15.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing

Key benefits

  • Find out how to attack real-life Microsoft infrastructure
  • Discover how to detect adversary activities and remediate your environment
  • Apply the knowledge you’ve gained by working on hands-on exercises
  • Purchase of the print or Kindle book includes a free PDF eBook

Description

This book teaches you the tactics and techniques used to attack a Windows-based environment, along with showing you how to detect malicious activities and remediate misconfigurations and vulnerabilities. You’ll begin by deploying your lab, where every technique can be replicated. The chapters help you master every step of the attack kill chain and put new knowledge into practice. You’ll discover how to evade defense of common built-in security mechanisms, such as AMSI, AppLocker, and Sysmon; perform reconnaissance and discovery activities in the domain environment by using common protocols and tools; and harvest domain-wide credentials. You’ll also learn how to move laterally by blending into the environment’s traffic to stay under radar, escalate privileges inside the domain and across the forest, and achieve persistence at the domain level and on the domain controller. Every chapter discusses OpSec considerations for each technique, and you’ll apply this kill chain to perform the security assessment of other Microsoft products and services, such as Exchange, SQL Server, and SCCM. By the end of this book, you'll be able to perform a full-fledged security assessment of the Microsoft environment, detect malicious activity in your network, and guide IT engineers on remediation steps to improve the security posture of the company.

Who is this book for?

This book is for pentesters and red teamers, security and IT engineers, as well as blue teamers and incident responders interested in Windows infrastructure security. The book is packed with practical examples, tooling, and attack-defense guidelines to help you assess and improve the security of your real-life environments. To get the most out of this book, you should have basic knowledge of Windows services and Active Directory.

What you will learn

  • Understand and adopt the Microsoft infrastructure kill chain methodology
  • Attack Windows services, such as Active Directory, Exchange, WSUS, SCCM, AD CS, and SQL Server
  • Disappear from the defender's eyesight by tampering with defensive capabilities
  • Upskill yourself in offensive OpSec to stay under the radar
  • Find out how to detect adversary activities in your Windows environment
  • Get to grips with the steps needed to remediate misconfigurations
  • Prepare yourself for real-life scenarios by getting hands-on experience with exercises

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Nov 17, 2023
Length: 360 pages
Edition : 1st
Language : English
ISBN-13 : 9781804611364
Languages :
Concepts :
Tools :

What do you get with a Packt Subscription?

Free for first 7 days. $15.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing

Product Details

Publication date : Nov 17, 2023
Length: 360 pages
Edition : 1st
Language : English
ISBN-13 : 9781804611364
Languages :
Concepts :
Tools :

Packt Subscriptions

See our plans and pricing
Modal Close icon
$12.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 6,500+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
$129.99 billed annually
Feature tick icon Unlimited access to Packt's library of 6,500+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just $5 each
Feature tick icon Exclusive print discounts
$179.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 6,500+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just $5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total $ 146.97
Mastering Windows Server 2022
$51.99
PowerShell Automation and Scripting for Cybersecurity
$49.99
Pentesting Active Directory and Windows-based Infrastructure
$44.99
Total $ 146.97 Stars icon
Visually different images

Customer reviews

Top Reviews
Rating distribution
Full star icon Full star icon Full star icon Full star icon Half star icon 4.9
(14 Ratings)
5 star 92.9%
4 star 7.1%
3 star 0%
2 star 0%
1 star 0%
Filter icon Filter
Top Reviews

Filter reviews by




N/A Feb 21, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Pubblicazioni interessanti scritti con il giusto livello tecnico ma soprattutto in modo chiaro.
Feefo Verified review Feefo
Vedant Gavde Dec 16, 2023
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Denis Isakov's "Pentesting Active Directory and Windows-based Infrastructure" serves as an indispensable handbook for cybersecurity professionals and enthusiasts seeking to delve deep into the intricate realm of Windows-based infrastructure security. This book stands out for its focused exploration of lab environment setup and sophisticated evasion and penetration testing techniques specifically targeting Windows environments.From the outset, Isakov's approach is commendable. The book seamlessly introduces readers to the intricacies of setting up lab environments, laying a strong foundation for understanding and implementing effective penetration testing on Windows Active Directory. What makes this guide invaluable is its applicability not only to beginners but also as a comprehensive reference for seasoned professionals navigating the complexities of Windows-based infrastructure security.One of the book's notable strengths is its ability to make complex concepts accessible to a wide audience. Isakov's lucid explanations ensure that even intricate technical details are conveyed in an easy-to-understand manner. The clarity with which he articulates sophisticated evasion and pentesting techniques makes this book a go-to resource for anyone venturing into or honing their skills in this domain.The practicality of this guide cannot be overstated. Isakov skillfully intertwines real-world scenarios and practical examples throughout the book, offering hands-on experience and insights into tackling security challenges in Windows environments. This hands-on approach fosters a deeper understanding of the tools, methodologies, and tactics used in actual penetration testing scenarios.Having delved into "Pentesting Active Directory and Windows-based Infrastructure," I am convinced of its immense value in augmenting skills and techniques essential for securing Windows infrastructures. Whether you're a novice seeking to understand Windows penetration testing or an experienced professional looking to enhance your skill set, this book is an invaluable asset.In conclusion, Denis Isakov's "Pentesting Active Directory and Windows-based Infrastructure" is an essential guide that combines theory with practical application, making it a must-read for cybersecurity professionals aiming to elevate their knowledge and expertise in securing Windows-based networks.
Amazon Verified review Amazon
Amazon Customer May 23, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
I liked this book, as an experienced AD tester, it made me feel at home :)I think this book is a good resource for penetration testers, and I strongly recommend to replicate the techniques used in a lab environment, which is essential for practical learning and to master the concepts.I appreciated the coverage of topics such as defence evasion, reconnaissance, and domain privilege escalation from a windows environment perspective. I often test AD from windows, and don’t touch Kali. This knowledge will help you on real tests.And I liked the book touching on SCCM, Exchange, CS and MSSQL.However, like all resources, this book can’t cover everything. It serves as a robust foundation, and it is ultimately up to the reader to expand on the topics presented. The book is infact full of resources and links.For junior pentesters, the book may take longer to digest due to the complexity and depth of Active Directory. However, this should not discourage you, but trigger your curiosity and interest.For more experienced testers, it still holds value in my opinion, offering insights that can refine your existing knowledge. There is always something to learn, whether it is a new tool or a different way to achieve the same goal.A book to read, especially if you love Active Directory or if you want to get better at it.
Amazon Verified review Amazon
Victor kolawole May 25, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
This book has the best content when it comes to an active directory penetration testing, I never regretted buying this book, the hands-on labs are top notch and I will recommend it for anyone who want to learn more about active directory pentesting and it's environment.
Amazon Verified review Amazon
D Aug 08, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Great read and top-notch info!I think "Pentesting Active Directory: Windows-based Infrastructure" is an outstanding resource for cybersecurity professionals looking to deepen their knowledge of Active Directory (AD) security testing. This book is a goldmine for anyone involved in penetration testing, red teaming, or network defense, especially in environments heavily reliant on Windows infrastructure.The authors have done an exceptional job of breaking down complex concepts into easily digestible sections, making it accessible even for those who may not be seasoned experts in Active Directory. The book covers a wide range of topics, from the basics of AD structure to advanced exploitation techniques, ensuring that readers understand the subject matter comprehensively.One of the highlights of this book is its practical approach. It doesn't just bombard you with theory; it provides real-world examples, step-by-step guides, and hands-on labs that allow readers to apply what they've learned in a controlled environment. This practical focus makes it an invaluable tool for beginners and experienced professionals looking to sharpen their skills.Additionally, the book's organization is commendable. The chapters are well-structured, progressing logically from foundational knowledge to more advanced topics. Including detailed diagrams and screenshots further enhances the learning experience, making it easier to visualize complex attack scenarios and defenses.What sets this book apart from others in the field is its focus on modern threats and up-to-date techniques and not just generalities. The authors address the latest security challenges organizations face, ensuring readers know how to defend against current and emerging threats.Overall, I think this is a must-have for anyone serious about mastering AD security. Whether you're preparing for a pen testing engagement, strengthening your organization's defenses, or expanding your knowledge, this book will serve as an indispensable guide.Highly recommended!
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

What is included in a Packt subscription? Chevron down icon Chevron up icon

A subscription provides you with full access to view all Packt and licnesed content online, this includes exclusive access to Early Access titles. Depending on the tier chosen you can also earn credits and discounts to use for owning content

How can I cancel my subscription? Chevron down icon Chevron up icon

To cancel your subscription with us simply go to the account page - found in the top right of the page or at https://subscription.packtpub.com/my-account/subscription - From here you will see the ‘cancel subscription’ button in the grey box with your subscription information in.

What are credits? Chevron down icon Chevron up icon

Credits can be earned from reading 40 section of any title within the payment cycle - a month starting from the day of subscription payment. You also earn a Credit every month if you subscribe to our annual or 18 month plans. Credits can be used to buy books DRM free, the same way that you would pay for a book. Your credits can be found in the subscription homepage - subscription.packtpub.com - clicking on ‘the my’ library dropdown and selecting ‘credits’.

What happens if an Early Access Course is cancelled? Chevron down icon Chevron up icon

Projects are rarely cancelled, but sometimes it's unavoidable. If an Early Access course is cancelled or excessively delayed, you can exchange your purchase for another course. For further details, please contact us here.

Where can I send feedback about an Early Access title? Chevron down icon Chevron up icon

If you have any feedback about the product you're reading, or Early Access in general, then please fill out a contact form here and we'll make sure the feedback gets to the right team. 

Can I download the code files for Early Access titles? Chevron down icon Chevron up icon

We try to ensure that all books in Early Access have code available to use, download, and fork on GitHub. This helps us be more agile in the development of the book, and helps keep the often changing code base of new versions and new technologies as up to date as possible. Unfortunately, however, there will be rare cases when it is not possible for us to have downloadable code samples available until publication.

When we publish the book, the code files will also be available to download from the Packt website.

How accurate is the publication date? Chevron down icon Chevron up icon

The publication date is as accurate as we can be at any point in the project. Unfortunately, delays can happen. Often those delays are out of our control, such as changes to the technology code base or delays in the tech release. We do our best to give you an accurate estimate of the publication date at any given time, and as more chapters are delivered, the more accurate the delivery date will become.

How will I know when new chapters are ready? Chevron down icon Chevron up icon

We'll let you know every time there has been an update to a course that you've bought in Early Access. You'll get an email to let you know there has been a new chapter, or a change to a previous chapter. The new chapters are automatically added to your account, so you can also check back there any time you're ready and download or read them online.

I am a Packt subscriber, do I get Early Access? Chevron down icon Chevron up icon

Yes, all Early Access content is fully available through your subscription. You will need to have a paid for or active trial subscription in order to access all titles.

How is Early Access delivered? Chevron down icon Chevron up icon

Early Access is currently only available as a PDF or through our online reader. As we make changes or add new chapters, the files in your Packt account will be updated so you can download them again or view them online immediately.

How do I buy Early Access content? Chevron down icon Chevron up icon

Early Access is a way of us getting our content to you quicker, but the method of buying the Early Access course is still the same. Just find the course you want to buy, go through the check-out steps, and you’ll get a confirmation email from us with information and a link to the relevant Early Access courses.

What is Early Access? Chevron down icon Chevron up icon

Keeping up to date with the latest technology is difficult; new versions, new frameworks, new techniques. This feature gives you a head-start to our content, as it's being created. With Early Access you'll receive each chapter as it's written, and get regular updates throughout the product's development, as well as the final course as soon as it's ready.We created Early Access as a means of giving you the information you need, as soon as it's available. As we go through the process of developing a course, 99% of it can be ready but we can't publish until that last 1% falls in to place. Early Access helps to unlock the potential of our content early, to help you start your learning when you need it most. You not only get access to every chapter as it's delivered, edited, and updated, but you'll also get the finalized, DRM-free product to download in any format you want when it's published. As a member of Packt, you'll also be eligible for our exclusive offers, including a free course every day, and discounts on new and popular titles.