HTB Certified Active Directory Pentester Expert (HTB CAPE) from Hack The Box

HTB Certified Active Directory Pentester Expert (HTB CAPE)

The Active Directory Penetration Tester Job Role Path is designed for individuals who aim to develop skills in pentesting large Active Directory (AD) networks and the components commonly found in such environments. This path equips students with the skills needed to evaluate the security of AD environments, navigate complex Windows networks, and identify elusive attack paths. This path includes advanced hands-on labs where participants will practice techniques such as Kerberos attacks, NTLM relay attacks, and the abuse of services like AD Certificate Services (ADCS), Exchange, WSUS, and MSSQL. Students will also learn how to exploit misconfigurations in Active Directory DACLs and Domain Trusts, perform evasion tactics in Windows environments, and leverage Command and Control (C2) frameworks for post-exploitation activities. By combining theoretical foundations with practical exercises and a structured methodology for identifying AD vulnerabilities, this path enables students to conduct professional security assessments on complex AD infrastructures and effectively report security weaknesses discovered by chaining multiple vulnerabilities.

Course Overview

Overall Proficiency Level

3 - Advanced

Course Catalog Number

CAPE

Course Prerequisites

Interpreting a letter of engagement
Advanced knowledge of network penetration testing and Windows security concepts
Knowledge of Active Directory and its critical components (Kerberos, ADCS, Exchange, MSSQL, WSUS, SCCM, etc.)
Proficiency in comprehending and effectively navigating complex Active Directory networks
Understanding Active Directory security inefficiencies and misconfigurations, with the ability to detect and exploit them
Knowledge of different Command and Control (C2) frameworks for post-exploitation activities
Knowledge of evasion techniques to circumvent various Windows security measures
Proficiency in chaining multiple Windows vulnerabilities
Professional communication and reporting of vulnerabilities

Training Purpose

Skill Development

Specific Audience

All

Delivery Method

Online, Instructor-Led

Online, Self-Paced

Online, Instructor-Led
Online, Self-Paced

Learning Objectives

Advanced network penetration testing
Active Directory security auditing
Enumerating and navigating complex Active Directory networks
Identifying security inefficiencies in Active Directory configurations, Group Policies, Discretionary Access Control Lists (DACLs), AD Trusts, etc.
Privilege escalation
Lateral movement
Assessing the security of Active Directory Certificate Services (ADCS), Exchange, MSSQL, Windows Server Update Services (WSUS), System Center Configuration Manager (SCCM), etc.
Evading Windows security measures
Chaining multiple network vulnerabilities
Utilizing Command and Control (C2) frameworks for post-exploitation activities
Reporting identified vulnerabilities in a professional and comprehensive manner

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Competency Areas

Work Roles

Feedback

If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.