Download
Active-Directory-Exploitation-Cheat-Sheet is a comprehensive, community-curated cheat sheet that collects practical enumeration commands, attack techniques, and quick references for attacking and auditing Windows Active Directory environments. The repository is organized as a stepwise kill-chain: recon, domain enumeration, local privilege escalation, user hunting, BloodHound guidance, lateral movement, persistence, domain-admin takeover, cross-trust attacks, data exfiltration, and a toolbox of payloads and helper scripts. It aggregates short, copy-ready PowerShell, C, .NET and Python snippets as well as command examples so operators can quickly run checks or reproduce techniques in lab environments. The content also includes .NET payload patterns, reverse PowerShell helpers, notes on privileged accounts and groups, and practical tips for hunting or protecting high-value targets.
Features
- Searchable web UI with category filters and copy-to-clipboard for commands
- Machine-readable export (JSON/YAML) so CI pipelines or toolchains can ingest the cheat sheet
- Risk-level tagging and mitigation notes for each technique to help defenders prioritize fixes
- Docker/VM lab recipes that reproduce key attacks safely for testing and training
- Automatic mapping to MITRE ATT&CK tactics and techniques with visualizations
- Versioned change log and contributor guidance with a suggested verification checklist
Project Samples
