What is Post-Compromise Enumeration and when?
After taking over a user in the domain, we can utilize different useful tools that can help us in enumeration.
What do I look for?
- Targets of high value
- Domain admins
- Enterprise admins
- Other accounts (other than the one that we’re enumerating from)
- Architecture of devices
- ANY INFORMATION THAT CAN BE USEFUL (THINK OUTSIDE OF THE BOX)