{"product_id":"network-infiltration-pen-testing-internal-networks-active-directory-end-to-end-field-manual-to-understand-how-windows-domains-active-directory-a-9798264400940","title":"Network Infiltration: Pen-Testing Internal Networks \u0026 Active Directory: End-to-End Field Manual to Understand how Windows Domains, Active Directory, a","description":"\u003cp\u003e • Author(s): Byte Revenant\u003cbr\u003e • Publisher: Independently Published\u003cbr\u003e • Publisher Imprint: Independently Published\u003cbr\u003e • BISAC: Security - Network Security\u003c\/p\u003e\u003cp\u003e\u003c\/p\u003e\u003cp\u003eToday, \u003ci\u003eNetwork Infiltration: Pen-Testing Internal Networks \u0026amp; Active Directory\u003c\/i\u003e is released-a practical, defense-oriented roadmap to understanding and assessing Windows enterprise networks. Rather than offering tool lists, the book teaches practitioners to think like assessors: define scope, gather the right telemetry, map behaviors to MITRE ATT\u0026amp;CK, and communicate findings leaders can act on.\u003c\/p\u003e\u003cp\u003e\u003cb\u003eWhat's inside\u003c\/b\u003e\u003cbr\u003eThe book demystifies how authentication and authorization actually work in practice-Kerberos, NTLM, tokens, SIDs, SPNs-and shows how Group Policy, delegations, and trust topology shape exposure. Readers build a small, offline lab to observe identity flows on the wire and in logs, deploy Sysmon alongside Windows Event IDs, and integrate signal into SIEM\/EDR\/UEBA pipelines. The result is a repeatable way to establish baselines, detect what matters, and harden what counts.\u003c\/p\u003e\u003cp\u003e\u003cb\u003eWho it serves\u003c\/b\u003e\u003cbr\u003eSecurity engineers, detection analysts, incident responders, red\/purple teamers, architects, admins-anyone responsible for the safety and reliability of Windows environments.\u003c\/p\u003e\u003cp\u003e\u003cb\u003eKey takeaways\u003c\/b\u003e\u003c\/p\u003e\u003cul\u003e\n\u003cli\u003e\u003cp\u003eClear mental models for AD, GPOs, trusts, and admin protocols\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003eA safe, reproducible offline lab and build scripts\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003eCurated Windows Event and Sysmon IDs that surface meaningful behaviors\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\u003cp\u003ePractical hardening: tiering, LAPS hygiene, Credential Guard, auditing that works\u003c\/p\u003e\u003c\/li\u003e\n\u003cli\u003e\n\u003cp\u003eReporting patterns that tie technical signal to business risk\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eChapter 0 - Foundations \u0026amp; Acronyms\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 1 - Assessment Mindset \u0026amp; Methodology\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 2 - Building the Safe Lab\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 3 - Identity 101 in Windows Domains\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 4 - Kerberos in the Real World\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 5 - NTLM and Legacy Realities\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 6 - Directory Objects, Delegations \u0026amp; RBAC\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 7 - Group Policy Deep Dive\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 8 - Trusts, Forests, and Boundaries\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 9 - Name Resolution \u0026amp; Identity Discovery\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 10 - Admin Protocols I: SMB, RPC\/DCOM\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 11 - Admin Protocols II: WMI \u0026amp; WinRM\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 12 - Remote Access: RDP \u0026amp; NLA\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 13 - Secrets \u0026amp; Protections: LSASS, LSA, SSO\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 14 - Telemetry Architecture\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 15 - SIEM\/EDR\/UEBA Integration\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 16 - Behaviors that Matter (MITRE ATT\u0026amp;CK)\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 17 - Hardening the Enterprise\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 18 - Designing for Resilience\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 19 - Executive Reporting \u0026amp; Risk Communication\u003c\/b\u003e\u003cbr\u003e\u003cb\u003eChapter 20 - Putting It All Together\u003c\/b\u003e\u003c\/p\u003e\n\u003cp\u003e\u003cb\u003eAppendices\u003c\/b\u003e\u003cbr\u003eA. Checklists \u0026amp; Templates (Scope, ROE, Evidence Logs)\u003cbr\u003eB. Event ID \u0026amp; Sysmon Quick Reference\u003cbr\u003eC. Lab Topologies \u0026amp; Build Scripts (Safe, Offline)\u003c\/p\u003e\n\u003c\/li\u003e\n\u003c\/ul\u003e","brand":"Atlantic Books","offers":[{"title":"Paperback","offer_id":46332981674135,"sku":"9798264400940","price":1947.0,"currency_code":"INR","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0666\/3471\/1191\/files\/9798264400940.webp?v=1768668299","url":"https:\/\/atlanticbooks.com\/products\/network-infiltration-pen-testing-internal-networks-active-directory-end-to-end-field-manual-to-understand-how-windows-domains-active-directory-a-9798264400940","provider":"Atlantic Books","version":"1.0","type":"link"}