The Fundamentals of Hacking Active Directory — Part 1 | OSINT & Initial Access


Active Directory is the backbone of most corporate networks — and when AD goes down, the entire organization goes down with it. In this video, I break down how real-world attackers gain their first foothold inside a Windows domain without ever having a username or password.

We walk through how OSINT + internal network recon reveal domain names, hostnames, controllers, users, and NTLM hashes that can later be cracked for valid credentials. This is Phase 1 of the Active Directory Kill Chain: going from zero access → valid domain user.

👉 Topics Covered
• What Active Directory actually controls
• Why AD is the #1 target for Red Teams & threat actors
• Three-phase AD Kill Chain (initial → privilege → domain takeover)
• How to get credentials WITHOUT authentication
• LLMNR / NBNS spoofing and passive hash capture
• Why “one unprivileged account” can lead to full domain compromise

This series teaches the attacker mindset so defenders can better protect their network.
🔔 Subscribe to follow along — Part 2 (Privilege Escalation) drops next.
