Offensive Security

Active Directory Penetration Testing

Identify vulnerabilities in your Active Directory infrastructure before an attacker can exploit them. Our certified experts simulate real-world attack scenarios, aligned with the MITRE ATT&CK, OWASP, and PTES frameworks.

95% of ransomware attacks exploit AD
100% of our pentests uncover vulnerabilities
48h average time to detection

Our Commitments

Why choose IT-Secure

50+ AD environments audited

Finance, industry, public sector, Luxembourg SMEs. Diverse experience in service of your security.

Recognized frameworks

MITRE ATT&CK, PTES, OWASP, ANSSI. Our audits follow the most rigorous methodologies in the industry.

Quality deliverables

Executive report, detailed technical report, prioritized remediation plan, and a presentation session for your teams.

3 certified architects

Sophos Gold Partner expertise with specialists certified in both offensive and defensive security.

Audit Approaches

3 testing levels tailored to your needs

Blackbox

Simulation of an external attacker with no prior knowledge. Identifies publicly accessible vulnerabilities.

Greybox

Simulation of an insider threat with limited access. Evaluates privilege escalation within the AD environment.

Whitebox

Full audit with complete access to documentation. Comprehensive analysis of GPOs, delegations, and security configurations.

Methodology

6 phases of a rigorous pentest

1. Scoping & Perimeter

Establishing the legal framework and scope of the engagement. Definition of objectives, rules of engagement, and constraints.

2. Reconnaissance

Comprehensive mapping of the AD environment. Enumeration of domains, forests, trust relationships, and accounts.

3. Initial Compromise

Simulating initial breach techniques. Exploitation of authentication weaknesses and exposed services.

4. Privilege Escalation & Lateral Movement

Testing lateral movement capabilities. Escalation to privileged accounts and propagation across the domain.

5. Persistence & Impact

Assessing data exfiltration and undetected access. Persistence simulation using Golden/Silver Tickets.

6. Reporting & Remediation

Delivering executive and technical reports with remediation recommendations prioritized by criticality.

Targeted Vulnerabilities

Attack techniques evaluated

Kerberoasting, AS-REP Roasting, Pass-the-Hash, BloodHound, DCSync, Golden Ticket, Silver Ticket, NTLM Relay

Test your Active Directory before attackers do

Contact our experts to schedule an Active Directory penetration test tailored to your environment.
