Abuse ACL access over groups
Use access rights over a group to add users
Use access rights over a group to add users
Use access rights over a user to take over that user account.
Abuse of ACL access rights to achieve lateral movement
Abuse Active Directory Certificate Service to achieve lateral movement and total domain compromise.
Take advantage of users with no Kerberos pre-authentication requirements and recover their password
Request certificate as another user with enrollee-supplied subject
Request certificate on behalf of another user with a enrollment agent certificate
Leverage vulnerable certificate access control to escalate privileges.
Read the NT password hash of Group Managed Service Accounts (gMSA)
The classic AD privilege escalation technique to crack the passwords of service accounts offline
Abusing the ticket-based authentication and authorization protocol that governs the operation of Active Directory
Move from account to account, service to service, and machine to machine while escalating your privileges until you compromise the domain.
Become root!
Gather information necessary for privilege escalation on Linux
Exploit misconfigured user and group permissions to escalation privileges
Elevate privileges from a standard user and take over the target system
Exploit highly-privileged group membership to obtain root access.
Leverage executables with setuid permissions to escalate privileges
Impersonate any user to a service by crafting service tickets
Exploit misconfigured sudo privileges to escalation privileges
Become Administrator (or SYSTEM)!