Who wants a video explaining AD / LDAP basics?

Yes!

@VbScrub said:

Haha yeah net is definitely an old school way of doing it. I want to say it’s a leftover thing from NT4 before active directory was even a thing but I might be wrong. But yeah these days there are plenty of alternatives so in the video I’ll demonstrate a few of those.

One thing that has just convinced me to definitely do this video is seeing in one of the recent Windows machine threads about 60% of the recent posts were people struggling to get Bloodhound to run, or running it successfully but then not knowing what to do with the information it gave them. It’s a useful tool don’t get me wrong, but I’ve never needed to use it for any of the machines on here so it’s not like it’s absolutely necessary. Seems like it would be good if people didn’t have to rely on it so much as at the end of the day all it’s doing is enumerating group membership and permissions as far as I can see. Two things you can do yourself with various other methods.

Personally I’d love to learn about these enumeration methods you speak of, especially methods that don’t rely on something like bloodhound. I’ve been able to get user on most of the easy/med windows boxes so far, but after that I struggle with identifying what and where to enumerate in order to identify potential routes toward privilege escalation. Could very well be that I just lack basic windows knowledge, but it seems like I’m not the only one struggling with this. Thx!

Yes, I’d love a long talk about AD enumeration. :smiley:

Yes I am interested too

AD video will be coming next week but for now I’ve just finished up this video explaining how the Impacket GetNPUsers script works, which involves some AD related stuff that might be of interest to the people in this thread:

Subbed :slight_smile:

Just watched your vid on GetNPUsers.py and kerb pre auth, very good!
A video on AD would be really helpful for me personally but for the whole htb community I think since as you said, a lot of people state that AD / Windows is their weakness.
What I would personally like to see in this video is:

What is LDAP and how it works
What is RPC and how it works
What is SMB and how it works
more kerberos stuff
Active directory objects etc
forests (?)
maybe you could also state what the best practice is for AD in general, what to look out for and maybe even how to look out for attacks.
In any case thanks for making your videos, pretty nice :slight_smile:

Video is now up :slight_smile: There will be plenty more coming soon with more specific topics covered, but I just wanted to get this fundamental stuff out there first so that there’s something to build from even for people who know nothing at all about AD.

The topics I covered in this first video (along with timestamps) are:

AD/LDAP/DS definition: 2:33
Installing AD: 4:02
Forests: 5:30
Global Catalog: 6:05
Domain functional levels: 6:48
Local account migration: 8:08
Viewing the contents of a domain: 8:58
FSMO roles: 11:06
Creating a new user: 12:51
Viewing user account properties: 13:29
Constructing distinguished names: 15:35
Computer accounts: 21:03
Groups: 24:17
SIDs and RIDs: 27:55
LDAP queries: 30:05
LDAP attributes: 34:07
Group policy: 35:39
AD permissions: 44:17

Yes please!!

@Pilgrim23 scroll up :slight_smile: the video just went live

thanks dude, if I may, could you speak a bit slower and don’t move the mouse too much?

@peek said:

thanks dude, if I may, could you speak a bit slower and don’t move the mouse too much?

Yeah someone else mentioned I move the mouse too much lol made a conscious effort to do it less at the start of the video but think once I got going I forgot…