Active Directory - Common Vulnerabilities
Microsoft Active Directory (AD) underpins identity and access management for most enterprise networks. Because it is tightly coupled with Windows authentication, Group Policy, and infrastructure services, a single misconfiguration can enable rapid lateral movement or full domain compromise. This section catalogues the vulnerabilities and abuse primitives most frequently exploited during Active Directory penetration tests so that defenders can prioritise detection and hardening work.
How To Use This Section
- Attack surface awareness – Understand the trust relationships, delegation settings, and service accounts that attackers target first.
- Detection cues – Each subchapter outlines indicators that blue teams can monitor, ranging from unusual Kerberos ticket requests to modifications of access control entries (ACEs).
- Mitigation strategies – Every issue includes concrete remediation guidance, aligned with Microsoft security baselines and modern identity protections such as tiered administration, managed identities, and privileged access workstations.
Review the following vulnerabilities, validate whether they apply to your environment, and integrate the recommended mitigations into your Active Directory hardening roadmap.