AD Security

Active Directory Security Assessment

Focused assessment of on-premise Active Directory and hybrid Entra ID environments. Identifies privilege escalation paths, Kerberos abuse, ACL misconfigurations, and Tier 0 exposure using BloodHound, Kerberoasting, and ASREPRoasting techniques.

Domain EnumerationPrivileged Access (Tier 0)Kerberos AbuseBloodHound Attack PathsTrust & Hybrid Mapping
Scope-based quote+ taxes
Contact usAll services
Process
6
phases
AI
4
tools
You get
7
deliverables

How it runs

  1. 01

    Domain Enumeration

    Enumerate domains, forests, sites, OUs, group policies, and account inventory. Capture configuration baselines and identify legacy artefacts left over from past administrators.

  2. 02

    Trust & Hybrid Mapping

    Map domain and forest trusts, Entra ID Connect sync configuration, and federation setup. Identify trust direction, transitivity, and SID filtering gaps that enable cross-trust escalation.

  3. 03

    Privileged Access Analysis

    Inventory Tier 0 assets: domain controllers, ADCS, ADFS, sync servers, and admin workstations. Audit Domain Admin, Enterprise Admin, and protected group membership and delegation.

  4. 04

    BloodHound Attack Paths

    Run BloodHound collection, analyse shortest paths to Tier 0, and identify ACL abuse, group nesting, GPO exposure, and constrained or unconstrained delegation issues.

  5. 05

    Kerberos & Credential Abuse

    Test for Kerberoasting, ASREPRoasting, weak service account passwords, AD CS misconfigurations (ESC1 to ESC11), and credential exposure through SYSVOL or LAPS misuse.

  6. 06

    Tiered Remediation Report

    Deliver findings organised by Microsoft tier model, with prioritised remediation, hardening guides, and a long-term plan toward a Tier 0 isolation posture.

AI assist

ai-toolkit.sh
AI-Assisted
$ cat tools.list
01
Attack Path ModellingAnalyse BloodHound graphs to surface non-obvious paths and chained ACL abuse
02
GPO Configuration AnalysisParse Group Policy at scale to flag insecure baselines and drifted configurations
03
ACL Abuse DetectionHighlight over-permissive ACEs that lead to privilege escalation across the directory
04
Credential Hygiene ScoringScore account hygiene across stale, privileged, and service accounts to focus cleanup
$ _

What you receive

  • AD security assessment report
  • BloodHound graphs and attack path analysis
  • Tier 0 inventory and exposure findings
  • Kerberos and AD CS abuse findings
  • Trust and hybrid configuration review
  • Tier-aligned remediation roadmap
  • Hardening checklist for ongoing operations

Ready to scope this engagement?

Every engagement is scoped individually. Get a tailored quote within 24 hours.

Request a Quote
Active Directory Security AssessmentContact us