Integration of active directory attack detection in HuntDown

Active Directory is a critical element of the IT infrastructure in most organizations, especially in enterprise environments, as it is widely used for access and identity management, and is therefore a prime target for attackers. This Master Thesis focuses on the integration of the NetExec tool with...

Descripción completa

Detalles Bibliográficos
Autor: Mejia Freire, Jorge Felipe
Tipo de recurso: tesis de maestría
Fecha de publicación:2025
País:España
Institución:Universitat Politècnica de Catalunya (UPC)
Repositorio:UPCommons. Portal del coneixement obert de la UPC
Idioma:inglés
OAI Identifier:oai:upcommons.upc.edu:2117/452102
Acceso en línea:https://hdl.handle.net/2117/452102
Access Level:acceso abierto
Palabra clave:Penetration testing (Computer security)
Directories
Active directory
Pentesting
Huntdown
Prova de penetració (Seguretat informàtica)
Directoris
Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica
Descripción
Sumario:Active Directory is a critical element of the IT infrastructure in most organizations, especially in enterprise environments, as it is widely used for access and identity management, and is therefore a prime target for attackers. This Master Thesis focuses on the integration of the NetExec tool within the HuntDown framework, for the automation of penetration tests and security assessments on real Active Directory environments. The project addresses the design and implementation of parsers developed in Go, to execute attacks on Active Directory environments using NetExec, process their results, and then convert them into structured outputs in JSON format for display in tables within the HuntDown graphical interface. The integration of the NetExec was validated in a controlled virtual environment, and included tests of host discovery, user enumeration, detection of weak credentials and policies, Pass-the-Hash attacks, among others. The tests showed the versatility of using the HuntDown framework to perform penetration tests in Active Directory, and the visualization of the results in structured tables, facilitating their analysis. This integration enhanced the arsenal of tools available in HuntDown, and turned it into a more powerful and robust platform for performing security assessments in a variety of scenarios.