Network Infiltration: Pen-Testing Internal Networks & Active Directory: End-to-End Field Manual to Understand how Windows Domains, Active Directory, and Core Administration Protocols Work in Practice
Today, Network Infiltration: Pen-Testing Internal Networks & Active Directory is released: a practical, defense-oriented roadmap to understanding and assessing Windows enterprise networks. Rather than offering tool lists, the book teaches practitioners to think like assessors: define scope, gather the right telemetry, map behaviors to MITRE ATT&CK, and communicate findings leaders can act on.

What's inside

The book demystifies how authentication and authorization actually work in practice (Kerberos, NTLM, tokens, SIDs, SPNs) and shows how Group Policy, delegations, and trust topology shape exposure. Readers build a small, offline lab to observe identity flows on the wire and in logs, deploy Sysmon alongside Windows Event IDs, and integrate signal into SIEM/EDR/UEBA pipelines. The result is a repeatable way to establish baselines, detect what matters, and harden what counts.

Who it serves

Security engineers, detection analysts, incident responders, red/purple teamers, architects, admins: anyone responsible for the safety and reliability of Windows environments.

Key takeaways

- Clear mental models for AD, GPOs, trusts, and admin protocols
- A safe, reproducible offline lab and build scripts
- Curated Windows Event and Sysmon IDs that surface meaningful behaviors
- Practical hardening: tiering, LAPS hygiene, Credential Guard, auditing that works
- Reporting patterns that tie technical signal to business risk

Chapter 0 - Foundations & Acronyms
Chapter 1 - Assessment Mindset & Methodology
Chapter 2 - Building the Safe Lab
Chapter 3 - Identity 101 in Windows Domains
Chapter 4 - Kerberos in the Real World
Chapter 5 - NTLM and Legacy Realities
Chapter 6 - Directory Objects, Delegations & RBAC
Chapter 7 - Group Policy Deep Dive
Chapter 8 - Trusts, Forests, and Boundaries
Chapter 9 - Name Resolution & Identity Discovery
Chapter 10 - Admin Protocols I: SMB, RPC/DCOM
Chapter 11 - Admin Protocols II: WMI & WinRM
Chapter 12 - Remote Access: RDP & NLA
Chapter 13 - Secrets & Protections: LSASS, LSA, SSO
Chapter 14 - Telemetry Architecture
Chapter 15 - SIEM/EDR/UEBA Integration
Chapter 16 - Behaviors that Matter (MITRE ATT&CK)
Chapter 17 - Hardening the Enterprise
Chapter 18 - Designing for Resilience
Chapter 19 - Executive Reporting & Risk Communication
Chapter 20 - Putting It All Together

Appendices
A. Checklists & Templates (Scope, ROE, Evidence Logs)
B. Event ID & Sysmon Quick Reference
C. Lab Topologies & Build Scripts (Safe, Offline)
Add this copy of Network Infiltration: Pen-Testing Internal Networks & to cart. $19.31, new condition, Sold by Ingram Customer Returns Center rated 5.0 out of 5 stars, ships from NV, USA, published 2025 by Independently Published.