Hacking & Defending Active Directory

One of the most common tools to structure and organize users and computers in a business environment is Microsoft’s Active Directory. However, Active Directory also happens to be one of the most exploited tools that hackers utilize to gain access to corporate networks. This live Active Directory training class will not only teach you the most common exploits hackers use to break into networks, it will also teach you the steps that you need to take to remediate and patch these exploits. You’ll gain practical skills and knowledge that can be immediately applied to secure your environment.

Course Details

Price:

$699.00

Days:

Location:

Course Overview

Understand the structure and components of Active Directory, including both physical and logical elements Identify and defend against common pre-compromise Active Directory attacks such as LLMNR poisoning, SMB relay, IPv6 spoofing, AS-REP roasting, and passback attacks Use key post-compromise enumeration tools (e.g., BloodHound, PingCastle) to assess AD environments and recognize common administrative misconfigurations Analyze and defend against post-compromise attacks including Kerberoasting, token impersonation, credential dumping, and persistence techniques Adopt an attacker’s mindset to better anticipate and mitigate real-world AD exploitation tactics Apply lessons from real penetration test case studies to strengthen Active Directory security posture

This is a beginner level class, but students should have basic knowledge of computers and networking. CompTIA A+/Net+ knowledge equivalent or the free Practical Help Desk course in TCM Security Academy will prepare you to take this class.

Active Directory Overview

What is Active Directory?
Physical Active Directory Components
Logical Active Directory Components

Pre-Compromise AD Attacks and Defenses

LLMNR Poisoning Attacks and Defenses?
SMB Relay Attacks and Defenses?
IPv6 Attacks and Defenses?
AS-REP Roasting Attacks and Defenses?
Passback Attacks and Defenses?
Inside the Attacker’s Mindset?

Post-Compromise AD Enumeration

Reviewing common enumeration tools, such as: Bloodhound, Plumhound, Pingcastle, ldapdomaindump, and much more
Understanding common mistakes from an Administrator’s perspective

Post-Compromise AD Attacks and Defenses

Pass Attacks and Defenses
Kerberoasting Attacks and Defenses
Token Impersonation Attacks and Defenses
URL File Attacks and Defenses
GPP Attacks and Defenses
Credential Dumping Attacks and Defenses
Persistence Attacks and Defenses
Inside the Attacker’s Mindset – Revisited

AD Case Studies

Real case studies from real pentests AKA “How they got owned”

Class Dates & Times


06/26/2026 Virtual 09:00:00 to 16:00:00 EST Enroll Now $699.00
07/24/2026 Virtual 09:00:00 to 16:00:00 EST Enroll Now $699.00
09/18/2026 Virtual 09:00:00 to 16:00:00 EST Enroll Now $699.00
10/16/2026 Virtual 09:00:00 to 16:00:00 EST Enroll Now $699.00
12/11/2026 Virtual 09:00:00 to 16:00:00 EST Enroll Now $699.00

— Questions?

Information Request

— Empower Change

Invest in Skills & Equality

Support Diversity, Equity, and Inclusion with Every Purchase.

Great Horizons is a North Carolina Certified HUB Vendor and WOSB. By becoming a patron of our organization, you are not only supporting a historically underutilized business, but a woman-owned small business as well.

Student? Switch to our Career Center Site →