Post-Compromise Attacks

Playbook

• Start off with quick wins such as Kerberoasting, Secretsdump and Pass the Hash

• Reiterate and duplicate

  • Access to new machine via Pass the Hash

  • Dump SAM and crack hashes

  • Try to move vertically

  • Pass hashes around again

• Enumerate some more

• Search for old vulnerabilities