Active Directory Members Only

Active Directory Tiering & Hardening

AD tiering is the architectural approach that breaks the lateral movement chain by preventing credentials from crossing privilege boundaries. Tier 0 admins never log into Tier 1 servers. Tier 1 admins never log onto Tier 2 workstations. Combined with PAWs, Credential Guard, Protected Users, and Authentication Policies, this is what a hardened AD environment looks like.

Related Articles

Related Cheatsheets

4
active-directory

Responder — LLMNR/NBT-NS Poisoning

Responder poisons LLMNR, NBT-NS, and mDNS to capture NTLMv2 hashes from Windows hosts on t…

169 views
active-directory

NetExec (CrackMapExec) — AD Lateral Movement

NetExec (nxc) — the Swiss Army knife for Windows/AD lateral movement, credential spraying,…

150 views
active-directory

Impacket — Windows & Active Directory Attacks

Impacket Python library with tools for SMB, MSRPC, Kerberos, NTLM, WMI, and AD attacks.

150 views
network-pentest

Nmap — Network Scanning & Enumeration

Complete Nmap reference for host discovery, port scanning, service detection, and NSE scri…

135 views

Related Courses

3
⭐ Premium
Intermediate

Network Penetration Testing

From host discovery to Active Directory attacks

3 · 8.2h
Beginner

Networking Fundamentals for Pentesters

Understand how networks actually work — so you can break them. TCP/IP, routing, protocols,…

1 · 5.9h
⭐ Premium
Intermediate

Windows Privilege Escalation — Complete Course

From whoami /priv to NT AUTHORITY\SYSTEM — every technique, tool, and HTB/THM/PG practice …

1 · 8.0h