Post Enumeration for AD
Tools: Powerview, bloodhound
Method1: Powerview
Upload a script on the target windows machine
On the machine, type
powershell -ep bypass (ep stops us from executing scripts)
. .\PowerView.ps1 (if nothing happens, it's loaded)
Get-NetDomain shows domain info
Method 2: Bloodhound
Last updated