Attack and Detect: MSSQL & Active Directory Attack vs Security Onion & Splunk



Let's complete an OSCP-like Windows VM called DC:5 that I created and detect the traffic in Security Onion for analysis.
1) Gain initial access by attacking the Microsoft MSSQL service
2) Let's enumerate AD and go crazy
3) Look at the attack traffic in Security Onion

This is a great beginner-friendly machine that shows how to enumerate Windows Active Directory and gain access to a remote system. We can then analyze the attack traffic in Security Onion to see what defenders see.
