SchellmanCON is back! Join us for our virtual conference on March 6 & 7, 2025

Contact Us
Services
Services
Crypto and Digital Trust
Crypto and Digital Trust
Schellman Training
Schellman Training
Sustainability Services
Sustainability Services
AI Services
AI Services
About Us
About Us
Leadership Team
Leadership Team
Corporate Social Responsibility
Corporate Social Responsibility
Careers
Careers
Strategic Partnerships
Strategic Partnerships

Blog

The Schellman Blog

Stay up to date with the latest compliance news from the Schellman blog.

Ryan Warren

Ryan Warren is a Senior Penetration Tester with Schellman in the Little Rock, AR area, where he performs several offensive security assessments including internal/external network testing, social engineering, and web application tests. Prior to joining Schellman in 2022, Ryan worked in city government as an Information Security Coordinator, which included vulnerability management and incident response.

Blog Feature

Penetration Testing

By: Ryan Warren
November 1st, 2024

While many companies are moving to the cloud, it's still common to find Active Directory (AD) deployed locally in Windows environments. During internal network pen tests, I was pretty comfortable with lateral movement and privilege escalation (via missing patches or LLMNR/NBT-NS/IPv6, open network shares, etc.) but felt lacking in how I could leverage attacks against AD to provide more impact during the assessment. In my journey to get better at attacking AD, I was able to enroll in different free and paid courses. This blog post will provide you with an overview of the four I found to be most beneficial personally.

{