Defensive Active Directory

Resources (cross-post resources)

# Talk by Riccardo Ancarani "Detecting Resilient Adversaries - Active Directory"
# Prevention/Detection
# - DCSync
# - AdminSDHolder
# - Ticket Forgery
# - DSRM
# - Skeleton Key
# - DCShadow
https://raw.githubusercontent.com/RiccardoAncarani/talks/master/r00tMI/20200709-r00tMi-ADDtalk_v1.0.pdf
````
<br/>


### BloodHound for defense

```bash
https://posts.specterops.io/bloodhound-versus-ransomware-a-defenders-guide-28147dedb73b

# Great post explaining how BloodHound can be used by defenders