Active Directory Members Only

Fine-Grained Password Policies

Fine-Grained Password Policies let AD apply different password requirements to different accounts — stricter for admins, relaxed for service accounts. Finding accounts with weaker PSOs gives you better odds at password spraying. Misconfigured PSOs that apply to large groups can weaken entire populations of accounts. This covers PSO enumeration and the full abuse chain.

Related Articles

Related Cheatsheets

4
active-directory

Responder — LLMNR/NBT-NS Poisoning

Responder poisons LLMNR, NBT-NS, and mDNS to capture NTLMv2 hashes from Windows hosts on t…

170 views
active-directory

Impacket — Windows & Active Directory Attacks

Impacket Python library with tools for SMB, MSRPC, Kerberos, NTLM, WMI, and AD attacks.

152 views
active-directory

NetExec (CrackMapExec) — AD Lateral Movement

NetExec (nxc) — the Swiss Army knife for Windows/AD lateral movement, credential spraying,…

151 views
network-pentest

Nmap — Network Scanning & Enumeration

Complete Nmap reference for host discovery, port scanning, service detection, and NSE scri…

137 views

Related Courses

3
⭐ Premium
Intermediate

Network Penetration Testing

From host discovery to Active Directory attacks

4 · 8.2h
Beginner

Networking Fundamentals for Pentesters

Understand how networks actually work — so you can break them. TCP/IP, routing, protocols,…

1 · 5.9h
⭐ Premium
Intermediate

Windows Privilege Escalation — Complete Course

From whoami /priv to NT AUTHORITY\SYSTEM — every technique, tool, and HTB/THM/PG practice …

1 · 8.0h