This is a red team operator's checklist for Active Directory penetration testing. It walks through the standard attack chain: BloodHound reconnaissance, Kerberoasting and AS-REP roasting for credential extraction, DCSync for domain controller dumps, and ticket attacks like golden and silver tickets. The workflow is practical, covering clock sync issues with Kerberos, tools like Impacket and Rubeus, and newer exploits like ZeroLogon and PrintNightmare. It's built for authorized engagements where you need to demonstrate domain compromise paths. The quick reference table at the end is genuinely useful if you keep forgetting which Impacket script does what.
npx skills add https://github.com/sickn33/antigravity-awesome-skills --skill active-directory-attacks