# Active Directory

- [Basic Command](/active-directory/basic-command.md): The basic of Command Prompt and PowerShell
- [Enumeration](/active-directory/enumeration.md): Basic Enumeration using Command Prompt and PowerShell
- [PowerView](/active-directory/enumeration/powerview.md): Active Directory Enumeration Checklists with PowerView
- [Service Exploitation](/active-directory/service.md): Basic Service Exploitation in Windows or Active Directory
- [LDAP](/active-directory/service/ldap.md): LDAP Enumeration and Exploitation
- [SMB](/active-directory/service/smb.md): Basic SMB Enumeration and Exploitation
- [MS17-010](/active-directory/service/smb/ms17-010.md): SMB Exploit MS17-010
- [MSSQL](/active-directory/service/mssql.md): Recon and pwning MSSQL Server
- [Privilege Escalation](/active-directory/privilege-escalation.md): Windows Privilege Escalation Checks
- [Unquoted Service Path](/active-directory/privilege-escalation/unquoted-service-path.md): Unquoted Service Paths – Windows Privilege Escalation
- [UAC Bypass](/active-directory/privilege-escalation/uac-bypass.md): Common UAC Bypass Checklists
- [Token Abuse](/active-directory/privilege-escalation/token-abuse.md): Abusing Token for Privilege Escalation
- [Post Exploitation](/active-directory/post-exploitation.md): Active Directory Post Exploitation Checklists
- [Tunneling with Ligolo-ng](/active-directory/post-exploitation/tunneling-with-ligolo-ng.md): Tunneling with Ligolo-ng
- [Credential Hunting](/active-directory/credential-hunting.md): Common technique and tools to hunt credentials on Windows or Active Directory
- [Group Policy Preferences](/active-directory/credential-hunting/group-policy-preferences.md): Finding Passwords in SYSVOL & Exploiting Group Policy Preferences
- [DPAPI](/active-directory/credential-hunting/dpapi.md): Credentials Dumping from Data Protection API