Securing Active Directory: 3 misconfigurations you should know | Learn with HTB (Episode 9)

Channel:
Hack The Box
Subscribers:
63,300
Published on ● Video Link: https://www.youtube.com/watch?v=wZLhShARQ0o


Duration: 0:00
2,070 views
88

#ActiveDirectory is the backbone of enterprise networks, but simple misconfigurations make it an easy target for attackers. In this #LearnwithHTB video, @Cyber Studies will break down the most common #AD security mistakes, including AS-REP Roasting, unconstrained delegation, and LLMNR/NBT-NS poisoning.

Don't forget about our Easter Egg 🥚
Write the hidden flag in the comments below, and you could be the lucky person to win a Silver Annual subscription to HTB Academy!

Learn how attackers exploit #AD misconfigurations and, more importantly, how to fix them.

0:00 Introduction
0:29 Common Active Directory Misconfigurations
0:32 Kerberos Pre-Authentication
2:20 Unconstrained Delegation
3:15 Link-Local Multicast Name Resolution
4:43 Securing AD Practices


How to become a SOC analyst? Get started with our HTB CDSA path and certification: hhttps://bit.ly/44SqE3XFind our #DFIR labs and Detecting Active Directory Attacks Track on HTB Labs: hhttps://bit.ly/3yBH1Gc



Other Videos By Hack The Box


2025-05-08A guide to CTFs for competitive teams | Hack The Box
2025-05-05This is why your team FLOPS at #CTFs 😤 #capturetheflag
2025-04-29Introducing the new User Management Interface | Hack The Box
2025-04-24These are the TOP 3 LLM #security risks ⚠️
2025-04-23How to get started with AI Red Teaming 🥷
2025-04-16The truth about AI attack vectors | Learn with HTB (Episode 10)
2025-04-16HTB Updates | What's new in Q1 2025?
2025-04-11How to proactively secure your #ActiveDirectory environment | Step-by-step guide 👣
2025-04-08How to secure #ActiveDirectory step-by-step
2025-04-05What explaining #security measures to your colleagues feels like 😩
2025-04-03Securing Active Directory: 3 misconfigurations you should know | Learn with HTB (Episode 9)
2025-04-02We benchmarked 5,000 Cyber Pros | Cyber Attack Readiness Report
2025-03-28Crossing the Streams - Cross-Domain Knowledge in InfoSec with Ryan Gordon
2025-03-27Global Cyber Skills Benchmark 2025: Operation Blackout | Hack The Box
2025-03-26Cyber Apocalypse Day Finale | Extracting information from MFT records
2025-03-26Cyber Apocalypse 2025: Extracting information from MFT records by @Cyber Studies
2025-03-25Cyber Apocalypse Day #5: Ippsec attacks the testimonial GRPC webapp
2025-03-25Cyber Apocalypse 2025: Ippsec attacks the testimonial GRPC webapp by @ippsec
2025-03-24Cyber Apocalypse Day #4: SQL injection and password cracking by @panawesome
2025-03-24Cyber Apocalypse 2025: SQL injection and password cracking by @panawesome
2025-03-23Cyber Apocalypse Day #3 | Escaping filters and stealing flags by @WJ Pearce