Passive Aggression
This repo contains test samples and proof-of-concept code for achieving passive persistence in Active Directory (AD) environments, even after remediation efforts. Some of these techniques may result in an eternal persistence scenario, where an attacker does not need to have access to domain controllers or domain joined machines, allowing them to continuously persist in the network without detection.
Blog:
• How to achieve eternal persistence in an Active Directory environment - Part 1
• How to Achieve Eternal Persistence Part 2: Outliving the Krbtgt Password Reset
• How to Achieve Eternal Persistence Part 3: How to access and recover replicated secrets
This repo contains test samples and proof-of-concept code for achieving passive persistence in Active Directory (AD) environments, even after remediation efforts. Some of these techniques may result in an eternal persistence scenario, where an attacker does not need to have access to domain controllers or domain joined machines, allowing them to continuously persist in the network without detection.
Blog:
• How to achieve eternal persistence in an Active Directory environment - Part 1
• How to Achieve Eternal Persistence Part 2: Outliving the Krbtgt Password Reset
• How to Achieve Eternal Persistence Part 3: How to access and recover replicated secrets