Ldap

The configuring-active-directory-tiered-model skill helps design and audit Microsoft ESAE-style Active Directory tier separation. Use this configuring-active-directory-tiered-model guide to review Tier 0/1/2 access, PAWs, admin boundaries, credential exposure, and security-audit findings with clearer implementation context.

configuring-ldap-security-hardening helps security engineers and auditors assess LDAP risks, including anonymous bind, weak signing, missing LDAPS, and channel binding gaps. Use this configuring-ldap-security-hardening guide to review the reference docs, run the Python audit helper, and produce practical remediation for a Security Audit.

conducting-domain-persistence-with-dcsync guide for authorized Active Directory security audit work. Learn install, usage, and workflow notes to assess DCSync rights, KRBTGT exposure, Golden Ticket risk, and remediation steps using the included scripts, references, and report template.

analyzing-active-directory-acl-abuse helps security auditors and incident responders inspect Active Directory nTSecurityDescriptor data with ldap3 to spot abuse paths like GenericAll, WriteDACL, and WriteOwner on users, groups, computers, and OUs.