⚠️ Pracivo Security Lab — Advanced AD attack techniques beyond Kerberoasting. Includes AS-REP Roasting, DCSync, Golden Tickets, and BloodHound.
Lab Credentials: ram / pracivo | john.smith / Welcome1 | administrator / Admin@2024
Advanced AD Attack Paths
| Attack | Requires | Gives You |
|---|
| AS-REP Roasting | Any domain user (or anonymous) | Offline crackable hash for accounts with no preauth |
| DCSync | Domain Admin or Replication rights | All NTLM hashes from the DC — full domain compromise |
| Golden Ticket | krbtgt NTLM hash | Forge Kerberos tickets as ANY user — permanent access |
| BloodHound | Domain user | Visual map of attack paths to Domain Admin |
| Password Spraying | List of usernames | Valid credentials without triggering lockout |
| Lateral Movement | Valid credentials or hash | Access to other machines on the domain |