📄️ Credential Access
Credential Access is where we may find Credentials in Compromised Systems and gain access to User Credentials. It lets us reuse them or Impersonate the Identity of a User. Obtaining legitimate User Credentials is preferred over Exploiting Systems using CVEs.
📄️ Local Windows Credentials
In general, the Windows Operating System provides two types of User Accounts: Local and Domain. Local Users' Details are stored locally within the Windows File System, while Domain Users' Details are stored in the Centralized Active Directory.
📄️ LSASS
Local Security Authority Server Service (LSASS) is a Windows Process that handles the Operating System Security Policy and Enforces it on a System. It verifies Logged-in Accounts and ensures Passwords, Hashes, and Kerberos Tickets.
📄️ Windows Credential Manager
Credential Manager is a Windows Feature that stores Logon-Sensitive Information for Websites, Applications, and Networks. It contains Login Credentials such as Usernames, Passwords, and Internet Addresses.
📄️ NTDS Domain Controller
New Technologies Directory Services (NTDS) is a Database containing all Active Directory Data, including Objects, Attributes, Credentials, etc. The NTDS.dit Data consists of Three Tables.
📄️ LAPS
In 2015, Microsoft removed the storing of the Encrypted Password in the SYSVOL Folder. It introduced the Local Administrator Password Solution (LAPS), which offers a much more secure approach to remotely managing the Local Administrator Password.
📄️ Other Attacks
Kerberoasting