adPEAS v2 Episode 9: Tips & Tricks - The Hidden Tools in adPEAS
Hidden productivity boosters in adPEAS v2: Show-Object, KnownSPN discovery, dangerous ACL analysis, EPA testing, account activity filters, certificate analysis, and more.
Blog series on adPEAS v2 — Active Directory analysis with native Kerberos in pure PowerShell
[*] Accessing category: adPEAS
[+] Database query returned 9 results
root@sekurity:~/categories/adPEAS$ _
Hidden productivity boosters in adPEAS v2: Show-Object, KnownSPN discovery, dangerous ACL analysis, EPA testing, account activity filters, certificate analysis, and more.
Deep dive into the Kerberos protocol internals as implemented by adPEAS v2: ASN.1 encoding, key derivation, encryption algorithms, message structures, and why attacks like Kerberoasting work.
Hands-on guide to adPEAS v2 offensive capabilities: privilege escalation, persistence, lateral movement, GPO abuse, ADCS exploitation, and Kerberos ticket forging.
How adPEAS v2 turns scan results into actionable output: color-coded console, interactive HTML reports, incremental scanning, offline conversion, and report diffing.
Complete overview of adPEAS v2 security check modules: Domain, Accounts, Delegation, Rights, Creds, ADCS, Computer, GPO, and Application checks for Active Directory.
Deep dive into adPEAS v2 authentication: Kerberos internals, Pass-the-Hash, Pass-the-Key, PKINIT with certificates, Shadow Credentials, and Pass-the-Cert via Schannel.
What happens when adPEAS scans an Active Directory? From authentication and LDAP queries to context-dependent severity ratings and caching -- a look under the hood.
Introducing adPEAS v2 — a complete rewrite of the PowerShell-based Active Directory analysis tool with native Kerberos support, zero dependencies, and over 40 security checks.
root@sekurity:~/categories/adPEAS$ echo "Query complete"
Query complete
root@sekurity:~/categories/adPEAS$ _