I will list some AD attacks: Kerberoasting OK, AS-REP Roasting, Overpass-the-Hash, Pass-the-Ticket, Golden Ticket, Silver Ticket, Skeleton Key, Kerberos Delegation Abuse, Unconstrained Delegation, Constrained Delegation, Resource-Based Constrained Delegation (RBCD), Pass-the-Hash, NTLM Relay, SMB Relay, LDAP Relay, HTTP Relay, SMB Signing bypass, Password spraying, Brute force (rare in practice, but conceptually), Credential dumping, Token impersonation, SID History abuse, Service Account abuse, Local Admin password reuse, LAPS misconfiguration abuse, DCSync, DCShadow, NTDS.dit extraction, SYSTEM hive abuse, SYSVOL abuse, GPP Passwords, AD database offline extraction, GPO abuse, Logon script modification, Scheduled tasks via GPO, Malicious startup scripts, GPO permission abuse, Forest Trust abuse, External Trust abuse, Child → Parent escalation, SID Filtering bypass, Trust account compromise, SMB lateral movement, WMI lateral movement, WinRM lateral movement, PsExec-like techniques, RDP abuse, Remote scheduled tasks, Service creation abuse, Golden Ticket persistence, ACL backdoor, GPO persistence, AdminSDHolder abuse, Shadow Credentials persistence, Service account persistence, DCShadow persistence, Living Off The Land (LOLBins), AMSI bypass, PowerShell logging bypass, EDR evasion via AD paths, Time-based attacks, Token manipulation

1 min · Michel NYOBE
