Overview

Today, Network Infiltration: Pen-Testing Internal Networks & Active Directory is released: a practical, defense-oriented roadmap to understanding and assessing Windows enterprise networks. Rather than offering tool lists, the book teaches practitioners to think like assessors: define scope, gather the right telemetry, map behaviors to MITRE ATT&CK, and communicate findings leaders can act on.

What's inside

The book demystifies how authentication and authorization actually work in practice (Kerberos, NTLM, tokens, SIDs, SPNs) and shows how Group Policy, delegations, and trust topology shape exposure. Readers build a small, offline lab to observe identity flows on the wire and in logs, deploy Sysmon alongside Windows Event IDs, and integrate signal into SIEM/EDR/UEBA pipelines. The result is a repeatable way to establish baselines, detect what matters, and harden what counts.

Who it serves

Security engineers, detection analysts, incident responders, red/purple teamers, architects, admins: anyone responsible for the safety and reliability of Windows environments.
Key takeaways

Clear mental models for AD, GPOs, trusts, and admin protocols
A safe, reproducible offline lab and build scripts
Curated Windows Event and Sysmon IDs that surface meaningful behaviors
Practical hardening: tiering, LAPS hygiene, Credential Guard, auditing that works
Reporting patterns that tie technical signal to business risk

Chapter 0 - Foundations & Acronyms
Chapter 1 - Assessment Mindset & Methodology
Chapter 2 - Building the Safe Lab
Chapter 3 - Identity 101 in Windows Domains
Chapter 4 - Kerberos in the Real World
Chapter 5 - NTLM and Legacy Realities
Chapter 6 - Directory Objects, Delegations & RBAC
Chapter 7 - Group Policy Deep Dive
Chapter 8 - Trusts, Forests, and Boundaries
Chapter 9 - Name Resolution & Identity Discovery
Chapter 10 - Admin Protocols I: SMB, RPC/DCOM
Chapter 11 - Admin Protocols II: WMI & WinRM
Chapter 12 - Remote Access: RDP & NLA
Chapter 13 - Secrets & Protections: LSASS, LSA, SSO
Chapter 14 - Telemetry Architecture
Chapter 15 - SIEM/EDR/UEBA Integration
Chapter 16 - Behaviors that Matter (MITRE ATT&CK)
Chapter 17 - Hardening the Enterprise
Chapter 18 - Designing for Resilience
Chapter 19 - Executive Reporting & Risk Communication
Chapter 20 - Putting It All Together

Appendices
A. Checklists & Templates (Scope, ROE, Evidence Logs)
B. Event ID & Sysmon Quick Reference
C. Lab Topologies & Build Scripts (Safe, Offline)

Full Product Details

Author: Byte Revenant
Publisher: Independently Published
Imprint: Independently Published
Volume: 3
Dimensions: Width: 15.20cm, Height: 1.60cm, Length: 22.90cm
Weight: 0.395kg
ISBN: 9798264400940
Pages: 294
Publication Date: 08 September 2025
Audience: General/trade, General
Format: Paperback
Publisher's Status: Active
Availability: Available To Order
We have confirmation that this item is in stock with the supplier. It will be ordered in for you and dispatched immediately.
Countries Available: All regions