https://r0tbyt3.dev/tags/windows-security-and-administration/Recent content in Windows-Security-and-Administration on Jesus OsegueraHugoen-ushttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/Active Directory Active Directory - Microsoft’s directory service for managing users, computers, and policies in Windows domain environments. Active Directory Fundamentals Group Administration IAM Policies Identity and Access Management Fundamentals Identity Federation Pass the Hash Privileged Access Management User Administration Related Links: Active Directory Enumeration Create Shortcut via IShellLink COM Interface File Creation File Operations Windows Administration Windows Exploitation Write File to Diskhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/Active Directory Enumeration Active Directory Enumeration - techniques for querying Active Directory to gather information about users, groups, computers, and domain configuration. Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumeration Related Links: Active Directory Create Shortcut via IShellLink COM Interface File Creation File Operations Windows Administration Windows Exploitation Write File to Diskhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/active-directory-fundamentals/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/active-directory-fundamentals/Active Directory Fundamentals Active Directory Fundamentals - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Group Administration IAM Policies Identity and Access Management Fundamentals Identity Federation Pass the Hash Privileged Access Management User Administrationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/add-user-to-local-group/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/add-user-to-local-group/Add User to Local Group Add User to Local Group - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/alwaysinstallelevated-privilege-escalation-check/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/alwaysinstallelevated-privilege-escalation-check/AlwaysInstallElevated Privilege Escalation Check AlwaysInstallElevated Privilege Escalation Check - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/anonymous-smb-login/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/anonymous-smb-login/Anonymous SMB Login Anonymous SMB Login - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-atsvc-via-named-pipe/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-atsvc-via-named-pipe/Bind to ATSVC via Named Pipe Bind to ATSVC via Named Pipe - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-bkrp-via-named-pipe/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-bkrp-via-named-pipe/Bind to BKRP via Named Pipe Bind to BKRP via Named Pipe - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-epm-via-named-pipe/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-epm-via-named-pipe/Bind to EPM via Named Pipe Bind to EPM via Named Pipe - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-lsad-via-named-pipe/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-lsad-via-named-pipe/Bind to LSAD via Named Pipe Bind to LSAD via Named Pipe - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-lsat-via-named-pipe/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-lsat-via-named-pipe/Bind to LSAT via Named Pipe Bind to LSAT via Named Pipe - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-nrpc-via-named-pipe/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-nrpc-via-named-pipe/Bind to NRPC via Named Pipe Bind to NRPC via Named Pipe - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-rprn-via-named-pipe/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-rprn-via-named-pipe/Bind to RPRN via Named Pipe Bind to RPRN via Named Pipe - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-rrp-via-named-pipe/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-rrp-via-named-pipe/Bind to RRP via Named Pipe Bind to RRP via Named Pipe - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-samr-via-named-pipe/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-samr-via-named-pipe/Bind to SAMR via Named Pipe Bind to SAMR via Named Pipe - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-scmr-via-named-pipe/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-scmr-via-named-pipe/Bind to SCMR via Named Pipe Bind to SCMR via Named Pipe - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-srvs-via-named-pipe/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-srvs-via-named-pipe/Bind to SRVS via Named Pipe Bind to SRVS via Named Pipe - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-wkst-via-named-pipe/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/bind-to-wkst-via-named-pipe/Bind to WKST via Named Pipe Bind to WKST via Named Pipe - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/brute-force-vs-password-spraying-windows/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/brute-force-vs-password-spraying-windows/Brute Force vs Password Spraying Windows Brute Force vs Password Spraying Windows - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/check-hkcu-alwaysinstallelevated/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/check-hkcu-alwaysinstallelevated/Check HKCU AlwaysInstallElevated Check HKCU AlwaysInstallElevated - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/check-hklm-alwaysinstallelevated/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/check-hklm-alwaysinstallelevated/Check HKLM AlwaysInstallElevated Check HKLM AlwaysInstallElevated - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/check-if-rpc-server-is-listening-c706-mgmt/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/check-if-rpc-server-is-listening-c706-mgmt/Check If RPC Server Is Listening C706 Mgmt Check If RPC Server Is Listening C706 Mgmt - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/check-process-admin-privileges-kernel/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/check-process-admin-privileges-kernel/Check Process Admin Privileges Kernel Check Process Admin Privileges Kernel - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/check-process-elevation-status/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/check-process-elevation-status/Check Process Elevation Status Check Process Elevation Status - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/check-token-elevation-status-via-ntqueryinformationtoken/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/check-token-elevation-status-via-ntqueryinformationtoken/Check Token Elevation Status via NtQueryInformationToken Check Token Elevation Status via NtQueryInformationToken - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/connect-to-samr-server-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/connect-to-samr-server-ms-samr/Connect to SAMR Server MS-SAMR Connect to SAMR Server MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/create-a-group-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/create-a-group-ms-samr/Create a Group MS-SAMR Create a Group MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/create-local-remote-service/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/create-local-remote-service/Create Local Remote Service Create Local Remote Service - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/create-local-user/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/create-local-user/Create Local User Create Local User - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/create-local-user-account/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/create-local-user-account/Create Local User Account Create Local User Account - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/create-remote-service/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/create-remote-service/Create Remote Service Create Remote Service - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/create-shortcut-via-ishelllink-com-interface/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/create-shortcut-via-ishelllink-com-interface/Create Shortcut via IShellLink COM Interface Create Shortcut via IShellLink COM Interface - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Active Directory Active Directory Enumeration File Creation File Operations Windows Administration Windows Exploitation Write File to Diskhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/delete-a-group-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/delete-a-group-ms-samr/Delete a Group MS-SAMR Delete a Group MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/delete-remote-service/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/delete-remote-service/Delete Remote Service Delete Remote Service - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/disk-interaction/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/disk-interaction/Disk Interaction Disk Interaction - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/dll-hijacking/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/dll-hijacking/DLL Hijacking DLL Hijacking - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/domain-join-check/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/domain-join-check/Domain Join Check Domain Join Check - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/elevate-process-to-system/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/elevate-process-to-system/Elevate Process to SYSTEM Elevate Process to SYSTEM - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/enable-disable-rdp/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/enable-disable-rdp/Enable Disable RDP Enable Disable RDP - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/enable-disable-restricted-admin/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/enable-disable-restricted-admin/Enable Disable Restricted Admin Enable Disable Restricted Admin - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/enable-remote-desktop-via-registry/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/enable-remote-desktop-via-registry/Enable Remote Desktop via Registry Enable Remote Desktop via Registry - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/enable-sedebugprivilege-exploitation/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/enable-sedebugprivilege-exploitation/Enable SeDebugPrivilege Exploitation Enable SeDebugPrivilege Exploitation - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/enable-wdigest-for-credential-capture/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/enable-wdigest-for-credential-capture/Enable WDigest for Credential Capture Enable WDigest for Credential Capture - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-a-domain-groups-members/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-a-domain-groups-members/Enumerate A Domain Groups Members Enumerate A Domain Groups Members - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-accounts-with-password-never-expiring/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-accounts-with-password-never-expiring/Enumerate Accounts with Password Never Expiring Enumerate Accounts with Password Never Expiring - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-aliases-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-aliases-ms-samr/Enumerate Aliases MS-SAMR Enumerate Aliases MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-all-groups-in-the-domain/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-all-groups-in-the-domain/Enumerate All Groups in the Domain Enumerate All Groups in the Domain - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-as-rep-roastable-accounts/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-as-rep-roastable-accounts/Enumerate AS-REP Roastable Accounts Enumerate AS-REP Roastable Accounts - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-connections-ms-srvs/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-connections-ms-srvs/Enumerate Connections MS-SRVS Enumerate Connections MS-SRVS - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-disabled-user-accounts/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-disabled-user-accounts/Enumerate Disabled User Accounts Enumerate Disabled User Accounts - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-domain-admins-members/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-domain-admins-members/Enumerate Domain Admins Members Enumerate Domain Admins Members - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-domain-computers-by-keyword/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-domain-computers-by-keyword/Enumerate Domain Computers by Keyword Enumerate Domain Computers by Keyword - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-domains-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-domains-ms-samr/Enumerate Domains MS-SAMR Enumerate Domains MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-electron-fuses/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-electron-fuses/Enumerate Electron Fuses Enumerate Electron Fuses - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-group-policy-objects-gpos/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-group-policy-objects-gpos/Enumerate Group Policy Objects (GPOs) Enumerate Group Policy Objects (GPOs) - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-groups-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-groups-ms-samr/Enumerate Groups MS-SAMR Enumerate Groups MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-locked-out-user-accounts/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-locked-out-user-accounts/Enumerate Locked Out User Accounts Enumerate Locked Out User Accounts - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-logged-on-users-level-0-ms-wkst/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-logged-on-users-level-0-ms-wkst/Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 0 MS-WKST - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-logged-on-users-level-1-ms-wkst/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-logged-on-users-level-1-ms-wkst/Enumerate Logged On Users Level 1 MS-WKST Enumerate Logged On Users Level 1 MS-WKST - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-lsad-accounts-ms-lsad/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-lsad-accounts-ms-lsad/Enumerate LSAD Accounts MS-LSAD Enumerate LSAD Accounts MS-LSAD - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-must-change-password-accounts/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-must-change-password-accounts/Enumerate Must Change Password Accounts Enumerate Must Change Password Accounts - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-netbios-names/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-netbios-names/Enumerate NetBIOS Names Enumerate NetBIOS Names - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-organizational-units-ous/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-organizational-units-ous/Enumerate Organizational Units (OUs) Enumerate Organizational Units (OUs) - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-process-memory-maps/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-process-memory-maps/Enumerate Process Memory Maps Enumerate Process Memory Maps - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-protected-admin-users/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-protected-admin-users/Enumerate Protected Admin Users Enumerate Protected Admin Users - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-remote-host/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-remote-host/Enumerate Remote Host Enumerate Remote Host - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-rpc-interfaces-c706-mgmt/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-rpc-interfaces-c706-mgmt/Enumerate RPC Interfaces C706-MGMT Enumerate RPC Interfaces C706-MGMT - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-system-privileges-ms-lsad/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-system-privileges-ms-lsad/Enumerate System Privileges MS-LSAD Enumerate System Privileges MS-LSAD - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-user-service-accounts-spn/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-user-service-accounts-spn/Enumerate User Service Accounts SPN Enumerate User Service Accounts SPN - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-userpassword-attribute/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-userpassword-attribute/Enumerate UserPassword Attribute Enumerate UserPassword Attribute - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-users-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-users-ms-samr/Enumerate Users MS-SAMR Enumerate Users MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-users-requiring-smartcard-for-logon/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-users-requiring-smartcard-for-logon/Enumerate Users Requiring Smartcard for Logon Enumerate Users Requiring Smartcard for Logon - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-users-who-never-logged-in/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-users-who-never-logged-in/Enumerate Users Who Never Logged In Enumerate Users Who Never Logged In - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-users-with-password-never-expiring/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-users-with-password-never-expiring/Enumerate Users with Password Never Expiring Enumerate Users with Password Never Expiring - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-users-with-password-not-required/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-users-with-password-not-required/Enumerate Users with Password Not Required Enumerate Users with Password Not Required - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-users-with-reversible-encryption-enabled/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-users-with-reversible-encryption-enabled/Enumerate Users with Reversible Encryption Enabled Enumerate Users with Reversible Encryption Enabled - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-workstation-transports-level-0-ms-wkst/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/enumerate-workstation-transports-level-0-ms-wkst/Enumerate Workstation Transports Level 0 MS-WKST Enumerate Workstation Transports Level 0 MS-WKST - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/file-creation/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/file-creation/File Creation File Creation - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Active Directory Active Directory Enumeration Create Shortcut via IShellLink COM Interface File Operations Windows Administration Windows Exploitation Write File to Diskhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/file-operations/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/file-operations/File Operations File Operations - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Active Directory Active Directory Enumeration Create Shortcut via IShellLink COM Interface File Creation Windows Administration Windows Exploitation Write File to Diskhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/get-current-lsa-user-ms-lsat/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/get-current-lsa-user-ms-lsat/Get Current LSA User MS-LSAT Get Current LSA User MS-LSAT - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/get-domain-sid/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/get-domain-sid/Get Domain SID Get Domain SID - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/get-domain-sid-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/get-domain-sid-ms-samr/Get Domain SID MS-SAMR Get Domain SID MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/get-service-display-name-ms-scmr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/get-service-display-name-ms-scmr/Get Service Display Name MS-SCMR Get Service Display Name MS-SCMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/get-username/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/get-username/Get Username Get Username - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/get-workstation-info-level-100-ms-wkst/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/get-workstation-info-level-100-ms-wkst/Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 100 MS-WKST - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/get-workstation-info-level-101-ms-wkst/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/get-workstation-info-level-101-ms-wkst/Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 101 MS-WKST - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/get-workstation-info-level-102-ms-wkst/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/get-workstation-info-level-102-ms-wkst/Get Workstation Info Level 102 MS-WKST Get Workstation Info Level 102 MS-WKST - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/group-administration/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/group-administration/Group Administration Group Administration - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Active Directory Fundamentals IAM Policies Identity and Access Management Fundamentals Identity Federation Pass the Hash Privileged Access Management User Administrationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/hostname-verification/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/hostname-verification/Hostname Verification Hostname Verification - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/hypervisors/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/hypervisors/Hypervisors Hypervisors - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/iam-policies/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/iam-policies/IAM Policies IAM Policies - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Active Directory Fundamentals Group Administration Identity and Access Management Fundamentals Identity Federation Pass the Hash Privileged Access Management User Administrationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/identity-and-access-management-fundamentals/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/identity-and-access-management-fundamentals/Identity and Access Management Fundamentals Identity and Access Management Fundamentals - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Active Directory Fundamentals Group Administration IAM Policies Identity Federation Pass the Hash Privileged Access Management User Administrationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/identity-federation/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/identity-federation/Identity Federation Identity Federation - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Active Directory Fundamentals Group Administration IAM Policies Identity and Access Management Fundamentals Pass the Hash Privileged Access Management User Administrationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/jail-breaking/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/jail-breaking/Jail Breaking Jail Breaking - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/lateral-movement-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/lateral-movement-techniques/Lateral Movement Techniques Lateral Movement Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/ldap-query/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/ldap-query/LDAP Query LDAP Query - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/living-off-the-land-lotl-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/living-off-the-land-lotl-techniques/Living Off the Land (LOTL) Techniques Living Off the Land (LOTL) Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/lookup-privilege-value-ms-lsad/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/lookup-privilege-value-ms-lsad/Lookup Privilege Value MS-LSAD Lookup Privilege Value MS-LSAD - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/maintaining-persistence-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/maintaining-persistence-techniques/Maintaining Persistence Techniques Maintaining Persistence Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/move-file-to-startup-folder/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/move-file-to-startup-folder/Move File to Startup Folder Move File to Startup Folder - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/ms-rprn-abuse/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/ms-rprn-abuse/MS-RPRN Abuse MS-RPRN Abuse - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/open-a-domain-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/open-a-domain-ms-samr/Open a Domain MS-SAMR Open a Domain MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/open-a-group-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/open-a-group-ms-samr/Open a Group MS-SAMR Open a Group MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/open-a-user-account-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/open-a-user-account-ms-samr/Open a User Account MS-SAMR Open a User Account MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/open-an-alias-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/open-an-alias-ms-samr/Open an Alias MS-SAMR Open an Alias MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/open-lsad-policy-handle-ms-lsad/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/open-lsad-policy-handle-ms-lsad/Open LSAD Policy Handle MS-LSAD Open LSAD Policy Handle MS-LSAD - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/pass-the-hash/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/pass-the-hash/Pass the Hash Pass the Hash - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Active Directory Fundamentals Group Administration IAM Policies Identity and Access Management Fundamentals Identity Federation Privileged Access Management User Administrationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/permissions/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/permissions/Permissions Permissions - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/persistence-via-startup-folder/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/persistence-via-startup-folder/Persistence via Startup Folder Persistence via Startup Folder - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/powershell/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/powershell/PowerShell PowerShell - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/powershell-security/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/powershell-security/PowerShell Security PowerShell Security - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/print-os-version/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/print-os-version/Print OS Version Print OS Version - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/privilege-escalation-techniques/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/privilege-escalation-techniques/Privilege Escalation Techniques Privilege Escalation Techniques - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Python Jail Breaking Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/privileged-access-management/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/privileged-access-management/Privileged Access Management Privileged Access Management - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Active Directory Fundamentals Group Administration IAM Policies Identity and Access Management Fundamentals Identity Federation Pass the Hash User Administrationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/process-enumeration/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/process-enumeration/Process Enumeration Process Enumeration - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/python-jail-breaking/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/python-jail-breaking/Python Jail Breaking Python Jail Breaking - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Registry Kill Switchhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-active-directory-site-name-ms-nrpc/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-active-directory-site-name-ms-nrpc/Query Active Directory Site Name MS-NRPC Query Active Directory Site Name MS-NRPC - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-cfg-status/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-cfg-status/Query CFG Status Query CFG Status - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-dns-domain-information-ms-lsad/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-dns-domain-information-ms-lsad/Query DNS Domain Information MS-LSAD Query DNS Domain Information MS-LSAD - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-domain-controller-information-ms-nrpc/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-domain-controller-information-ms-nrpc/Query Domain Controller Information MS-NRPC Query Domain Controller Information MS-NRPC - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-dssp-operation-state-ms-dssp/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-dssp-operation-state-ms-dssp/Query DSSP Operation State MS-DSSP Query DSSP Operation State MS-DSSP - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-dssp-primary-domain-info-ms-dssp/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-dssp-primary-domain-info-ms-dssp/Query DSSP Primary Domain Info MS-DSSP Query DSSP Primary Domain Info MS-DSSP - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-dssp-upgrade-status-ms-dssp/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-dssp-upgrade-status-ms-dssp/Query DSSP Upgrade Status MS-DSSP Query DSSP Upgrade Status MS-DSSP - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/query-extended-service-status/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/query-extended-service-status/Query Extended Service Status Query Extended Service Status - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-extended-service-status-ms-scmr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-extended-service-status-ms-scmr/Query Extended Service Status MS-SCMR Query Extended Service Status MS-SCMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/query-remote-registry-key/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/query-remote-registry-key/Query Remote Registry Key Query Remote Registry Key - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/query-remote-service/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/query-remote-service/Query Remote Service Query Remote Service - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-rpc-runtime-statistics-c706-mgmt/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-rpc-runtime-statistics-c706-mgmt/Query RPC Runtime Statistics C706-MGMT Query RPC Runtime Statistics C706-MGMT - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/query-service-configuration-ms-scmr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/query-service-configuration-ms-scmr/Query Service Configuration MS-SCMR Query Service Configuration MS-SCMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-smb-share-permissions/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-smb-share-permissions/Query SMB Share Permissions Query SMB Share Permissions - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-user-account-control-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-user-account-control-ms-samr/Query User Account Control MS-SAMR Query User Account Control MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-user-general-info-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-user-general-info-ms-samr/Query User General Info MS-SAMR Query User General Info MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-user-home-info-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-user-home-info-ms-samr/Query User Home Info MS-SAMR Query User Home Info MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-user-logon-info-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-user-logon-info-ms-samr/Query User Logon Info MS-SAMR Query User Logon Info MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-user-parameters-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-user-parameters-ms-samr/Query User Parameters MS-SAMR Query User Parameters MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-user-preferences-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-user-preferences-ms-samr/Query User Preferences MS-SAMR Query User Preferences MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-username-info-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/query-username-info-ms-samr/Query Username Info MS-SAMR Query Username Info MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/read-process-memory-via-pread/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/read-process-memory-via-pread/Read Process Memory via Pread Read Process Memory via Pread - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/registry-interaction/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/registry-interaction/Registry Interaction Registry Interaction - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/registry-key-interaction/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/registry-key-interaction/Registry Key Interaction Registry Key Interaction - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/registry-kill-switch/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/registry-kill-switch/Registry Kill Switch Registry Kill Switch - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breakinghttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/registry-modifications/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/registry-modifications/Registry Modifications Registry Modifications - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/resolve-names-to-rids-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/resolve-names-to-rids-ms-samr/Resolve Names to RIDs MS-SAMR Resolve Names to RIDs MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/resolve-rids-to-names-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/resolve-rids-to-names-ms-samr/Resolve RIDs to Names MS-SAMR Resolve RIDs to Names MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-domain-computers/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-domain-computers/Retrieve Domain Computers Retrieve Domain Computers - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-domain-groups/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-domain-groups/Retrieve Domain Groups Retrieve Domain Groups - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-domain-user-descriptions/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-domain-user-descriptions/Retrieve Domain User Descriptions Retrieve Domain User Descriptions - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-domain-users-with-all-attributes/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-domain-users-with-all-attributes/Retrieve Domain Users with All Attributes Retrieve Domain Users with All Attributes - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-mac-address-via-netbios/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-mac-address-via-netbios/Retrieve MAC Address via NetBIOS Retrieve MAC Address via NetBIOS - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-ms-ds-machineaccountquota/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-ms-ds-machineaccountquota/Retrieve MS-DS-MachineAccountQuota Retrieve MS-DS-MachineAccountQuota - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-private-data-ms-lsad/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-private-data-ms-lsad/Retrieve Private Data MS-LSAD Retrieve Private Data MS-LSAD - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve TXT Records RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-txt-records/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/retrieve-txt-records/Retrieve TXT Records Retrieve TXT Records - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD RID to SID MS-SAMR Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/rid-to-sid-ms-samr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/rid-to-sid-ms-samr/RID to SID MS-SAMR RID to SID MS-SAMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records Share Enumerationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/scheduled-tasks-and-cron-jobs/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/scheduled-tasks-and-cron-jobs/Scheduled Tasks and Cron Jobs Scheduled Tasks and Cron Jobs - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/service-control-manager-interaction/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/service-control-manager-interaction/Service Control Manager Interaction Service Control Manager Interaction - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/service-creation-and-manipulation/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/service-creation-and-manipulation/Service Creation and Manipulation Service Creation and Manipulation - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/share-enumeration/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory-enumeration/share-enumeration/Share Enumeration Share Enumeration - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Anonymous SMB Login Bind to ATSVC via Named Pipe Bind to BKRP via Named Pipe Bind to EPM via Named Pipe Bind to LSAD via Named Pipe Bind to LSAT via Named Pipe Bind to NRPC via Named Pipe Bind to RPRN via Named Pipe Bind to RRP via Named Pipe Bind to SAMR via Named Pipe Bind to SCMR via Named Pipe Bind to SRVS via Named Pipe Bind to WKST via Named Pipe Check If RPC Server Is Listening C706 Mgmt Connect to SAMR Server MS-SAMR Create a Group MS-SAMR Delete a Group MS-SAMR Domain Join Check Enumerate A Domain Groups Members Enumerate Accounts with Password Never Expiring Enumerate Aliases MS-SAMR Enumerate All Groups in the Domain Enumerate AS-REP Roastable Accounts Enumerate Connections MS-SRVS Enumerate Disabled User Accounts Enumerate Domain Admins Members Enumerate Domain Computers by Keyword Enumerate Domains MS-SAMR Enumerate Electron Fuses Enumerate Group Policy Objects (GPOs) Enumerate Groups MS-SAMR Enumerate Locked Out User Accounts Enumerate Logged On Users Level 0 MS-WKST Enumerate Logged On Users Level 1 MS-WKST Enumerate LSAD Accounts MS-LSAD Enumerate Must Change Password Accounts Enumerate NetBIOS Names Enumerate Organizational Units (OUs) Enumerate Process Memory Maps Enumerate Protected Admin Users Enumerate Remote Host Enumerate RPC Interfaces C706-MGMT Enumerate System Privileges MS-LSAD Enumerate User Service Accounts SPN Enumerate UserPassword Attribute Enumerate Users MS-SAMR Enumerate Users Requiring Smartcard for Logon Enumerate Users Who Never Logged In Enumerate Users with Password Never Expiring Enumerate Users with Password Not Required Enumerate Users with Reversible Encryption Enabled Enumerate Workstation Transports Level 0 MS-WKST Get Current LSA User MS-LSAT Get Domain SID MS-SAMR Get Service Display Name MS-SCMR Get Username Get Workstation Info Level 100 MS-WKST Get Workstation Info Level 101 MS-WKST Get Workstation Info Level 102 MS-WKST LDAP Query Lookup Privilege Value MS-LSAD MS-RPRN Abuse Open a Domain MS-SAMR Open a Group MS-SAMR Open a User Account MS-SAMR Open an Alias MS-SAMR Open LSAD Policy Handle MS-LSAD Process Enumeration Query Active Directory Site Name MS-NRPC Query CFG Status Query DNS Domain Information MS-LSAD Query Domain Controller Information MS-NRPC Query DSSP Operation State MS-DSSP Query DSSP Primary Domain Info MS-DSSP Query DSSP Upgrade Status MS-DSSP Query Extended Service Status MS-SCMR Query RPC Runtime Statistics C706-MGMT Query SMB Share Permissions Query User Account Control MS-SAMR Query User General Info MS-SAMR Query User Home Info MS-SAMR Query User Logon Info MS-SAMR Query User Parameters MS-SAMR Query User Preferences MS-SAMR Query Username Info MS-SAMR Resolve Names to RIDs MS-SAMR Resolve RIDs to Names MS-SAMR Retrieve Domain Computers Retrieve Domain Groups Retrieve Domain User Descriptions Retrieve Domain Users with All Attributes Retrieve MAC Address via NetBIOS Retrieve MS-DS-MachineAccountQuota Retrieve Private Data MS-LSAD Retrieve TXT Records RID to SID MS-SAMRhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/start-a-service-ms-scmr/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/start-a-service-ms-scmr/Start a Service MS-SCMR Start a Service MS-SCMR - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/start-local-remote-service/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/start-local-remote-service/Start Local Remote Service Start Local Remote Service - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/start-remote-registry/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/start-remote-registry/Start Remote Registry Start Remote Registry - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service User Access Control (UAC) Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/user-access-control-uac/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/user-access-control-uac/User Access Control (UAC) User Access Control (UAC) - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry Virtualization Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/user-administration/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/active-directory/user-administration/User Administration User Administration - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Active Directory Fundamentals Group Administration IAM Policies Identity and Access Management Fundamentals Identity Federation Pass the Hash Privileged Access Managementhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/virtualization/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/virtualization/Virtualization Virtualization - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Windows Administration Fundamentalshttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/Windows Administration Windows Administration - core Windows system administration tasks including user management, registry operations, services, and remote access. Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualization Windows Administration Fundamentals Related Links: Active Directory Active Directory Enumeration Create Shortcut via IShellLink COM Interface File Creation File Operations Windows Exploitation Write File to Diskhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/windows-administration-fundamentals/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-administration/windows-administration-fundamentals/Windows Administration Fundamentals Windows Administration Fundamentals - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Add User to Local Group Check Process Admin Privileges Kernel Check Process Elevation Status Check Token Elevation Status via NtQueryInformationToken Create Local Remote Service Create Local User Create Local User Account Create Remote Service Delete Remote Service Disk Interaction Enable Disable RDP Enable Disable Restricted Admin Enable Remote Desktop via Registry Get Domain SID Hostname Verification Hypervisors Permissions PowerShell PowerShell Security Print OS Version Query Extended Service Status Query Remote Registry Key Query Remote Service Query Service Configuration MS-SCMR Read Process Memory via Pread Registry Interaction Registry Key Interaction Registry Modifications Scheduled Tasks and Cron Jobs Service Control Manager Interaction Service Creation and Manipulation Start a Service MS-SCMR Start Local Remote Service Start Remote Registry User Access Control (UAC) Virtualizationhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/windows-exploitation/Windows Exploitation Windows Exploitation - techniques for escalating privileges, moving laterally, and maintaining persistence in Windows environments post-compromise. AlwaysInstallElevated Privilege Escalation Check Brute Force vs Password Spraying Windows Check HKCU AlwaysInstallElevated Check HKLM AlwaysInstallElevated DLL Hijacking Elevate Process to SYSTEM Enable SeDebugPrivilege Exploitation Enable WDigest for Credential Capture Jail Breaking Lateral Movement Techniques Living Off the Land (LOTL) Techniques Maintaining Persistence Techniques Move File to Startup Folder Persistence via Startup Folder Privilege Escalation Techniques Python Jail Breaking Registry Kill Switch Related Links: Active Directory Active Directory Enumeration Create Shortcut via IShellLink COM Interface File Creation File Operations Windows Administration Write File to Diskhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/Windows Security and Administration Windows Security and Administration - Windows OS administration, Active Directory management, security hardening, and post-exploitation techniques. Active Directory Active Directory Enumeration Create Shortcut via IShellLink COM Interface File Creation File Operations Windows Administration Windows Exploitation Write File to Disk Related Links: Application Security Bash Burp Suite Cryptography Cybersecurity Encryption Firewalls Ghidra Hashing Incident Response and Forensics Information Security Models Linux Operating System Malware Analysis Malware Development Network Security Nginx Nmap Obfuscation and Detection Evasion Offensive Phishing Operations Ransomware SOC and Detection Engineering Social Engineering Threat Modeling Wiresharkhttps://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/write-file-to-disk/Mon, 01 Jan 0001 00:00:00 +0000https://r0tbyt3.dev/wiki/content/cybersecurity/windows-security-and-administration/write-file-to-disk/Write File to Disk Write File to Disk - a cybersecurity concept, technique, or tool relevant to this section of the wiki. Related Links: Active Directory Active Directory Enumeration Create Shortcut via IShellLink COM Interface File Creation File Operations Windows Administration Windows Exploitation