# Active Directory - [Recon - Domain Recon](/active-directory/recon-domain_recon.md) - [Recon - AD scanners](/active-directory/recon-ad_scanners.md) - [Exploitation - NTLM capture and relay](/active-directory/exploitation-ntlm_capture_and_relay.md) - [Exploitation - Password spraying](/active-directory/exploitation-password_spraying.md) - [Exploitation - Domain Controllers CVE](/active-directory/exploitation-dc_cve.md) - [Exploitation - Kerberos AS\_REP roasting](/active-directory/exploitation-kerberos_as_rep_roasting.md) - [Exploitation - Credentials theft shuffling](/active-directory/exploitation-credentials_theft_shuffling.md) - [Exploitation - GPP and shares searching](/active-directory/exploitation-gpp_and_shares_searching.md) - [Exploitation - Kerberos Kerberoasting](/active-directory/exploitation-kerberos_kerberoasting.md) - [Exploitation - ACL exploiting](/active-directory/exploitation-acl_exploiting.md) - [Exploitation - GPO users rights](/active-directory/exploitation-gpo_users_rights.md) - [Exploitation - Active Directory Certificate Services](/active-directory/exploitation-certificate_services.md) - [Exploitation - Kerberos tickets usage](/active-directory/exploitation-kerberos_tickets_usage.md) - [Exploitation - Kerberos silver tickets](/active-directory/exploitation-kerberos_silver_tickets.md) - [Exploitation - Kerberos delegations](/active-directory/exploitation-kerberos_delegations.md) - [Exploitation - gMS accounts (gMSAs)](/active-directory/exploitation-gms_accounts.md) - [Exploitation - Azure AD Connect](/active-directory/exploitation-azure_ad_connect.md) - [Exploitation - Operators to Domain Admins](/active-directory/exploitation-operators_to_domain_admins.md) - [Post Exploitation - ntds.dit dumping](/active-directory/post_exploitation-ntds_dit_dumping.md) - [Post Exploitation - Kerberos golden tickets](/active-directory/post_exploitation-kerberos_golden_tickets.md) - [Post Exploitation - Trusts hopping](/active-directory/post_exploitation-trusts_hopping.md) - [Post Exploitation - Persistence](/active-directory/post_exploitation-persistence.md)