[PA] Attacking and Defending AD

I started Attacking&Defending AD from Pentester Academy almost as soon as I passed Practical Network Defense from eLearnSecurity. One of my friends was already enrolled and he was the one that convinced me to get it.

Start date of the course & lab was set for 11 October and the access war purchased for 30 days. It took me around 2 weeks to go through the course (the videos and the slides) and through the lab.

Took notes of things that i considered that are going to help me and I went through the lab environment 2 more times just by using my notes.

The course

I can’t really say much about the course since everything was on point.

I liked the fact that they gave you access to download the course slides and notes.

The lab

As they say in the presentation, the lab is a fully patched Windows AD environment.

All the attacks are done from machines that have Windows installed on them. There’s no Linux machine in the environment. However, they do have an Attacking AD with Linux course.

Something I considered a big plus it was that the access was given to the whole AD environment, not only to a network segment/specific machine on which to test an attack.

Another plus would be the fact that their support team respond pretty fast and they help you wherever it’s a technical question or any other one.

The exam

The exam is similar to what you’ll be practicing in the lab environment. I liked the fact that you have to write a report based on the assessment instead of submitting a bunch of flags.

Once the practical exam is done you have to make the report and send it to them. They review the report and they contact you in max 2 days of the moment you’ve sent the report.


Consider playing a lot with Mimikatz. Make yourself a home lab where to play with it. It will be really helpful.

Always try thinking outside the box, and remember that most of the time you have multiple methods in order to achieve the same thing.