Here’s the deal, i have never pentested windows machines and what i’m asking is: what you recommend as a learning path?
I dont have VIP but if it really leverages in this case, i might get it!
On linux i’m very confortable with the medium machines (they start to become easier, with some hickups but i can really see the progress from a month ago)
I dont know alot about windows but imo the biggest diference is Active Directory,since every company uses AD I think its critical to know it well if youre gonna do internal pentests(there is a retired box for that to practice once you learn it).There is a course for that on hackthebox academy also.Apart from that I think a bit of powershell may be good to know.To practice hacking windows I really recommend VIP as there’s alot of boxes to choose from.Also forgot to mention windows registry aswell.
Active Directory
DNS - Zone Transfers
SMB
Kerberoasting (part of Active Directory) using impacket
Registry (see link above)
Powershell will do you good