Understanding the Offensive Active
Directory Operations Certification
(OADOC) - Live Training
White Knight Labs proudly presents the Offensive Active Directory Operations Certification (OADOC) — an intermediate to advanced, live training course designed for cybersecurity professionals who want to sharpen their offensive security skills in modern Active Directory (AD) exploitation. This hands-on, intermediate-level program immerses students in real-world attack scenarios that mimic advanced adversary tactics, covering both Windows and Linux attack paths in highly realistic environments with the latest forest functional levels.
This live training format provides two or three intensive days of interactive instruction, allowing participants to engage directly with instructors and peers while learning advanced techniques in Active Directory Exploitation. Our curriculum is dynamically updated to incorporate the latest research, integrations with Active Directory and methodologies, ensuring you stay ahead of the curve.
May 10th, 11th and 12th 2025 at NorthSec
Here's a sneak peek of your training experience
What You’ll Learn
This training stands out by providing a comprehensive, hands-on approach to identifying and exploiting the latest Active Directory (AD) misconfigurations across Windows and Linux in modern, mixed environments. Covering forest functional levels from Windows Server 2016 to Server 2025, this course ensures your attack methodologies remain applicable across all modern forest functional levels, while equipping you with cutting-edge AD tooling and tradecraft knowledge.
What You'll Gain
- Multi-Platform Attacks – Execute cross-platform AD exploitation with techniques applicable to both Windows and Linux.
- Cutting-Edge AD Abuses – Explore exploitation strategies across various modern forest functional levels, ensuring your tradecraft stays ahead of modern defenses.
- Advanced AD Toolcraft – Leverage and customize modern, signed, and stealthy tools for effective AD enumeration and exploitation.
- Bypass Strategies – Master LDAP obfuscation, channel binding and signing bypasses, SMB evasion, and other modern AD defense evasion tactics.
- Operational Security & Defense Considerations – Bypass EDR/AV and network identity profiling, while understanding blue team detection strategies.
Course Syllabus
- Course Introduction: Introduction, Terraform Lab Deployment, Tooling and Development, PowerShell based bypasses.
- Introduction to Active Directory: AD Components, Common AD Protocols, Kerberos Authentication, Traffic Analysis, Server 2025 and other forest functional levels.
- Active Directory Enumeration: Internal DNS enumeration, Port Scanning, Understanding AD Protocols, Enumerating AD Components, Raw LDAP enumeration, LDAP Channel Signing and Binding based bypasses, LDAP obfuscation and Automating AD Enumeration.
- Password Attacks: Internal Password spraying, Service ticket attacks, gMSA/dMSA exploitation, PASSWD_NOTREQD, Password Reset, LAPS and Shadow Credential abuse.
- Man-in-the-Middle (MITM) Attacks: Protocol poisoning, Relays, Bypassing Protections and Potato relay exploits.
- File Share Exploitation: Mapping shares, Sensitive Data Discovery and Share based Privilege Escalation.
- ACL and Delegation Attacks: Exploiting ACLs, various forms of delegation abuse and more.
- Exploiting MSSQL: Enumeration, abuse, safe exfiltration, and privilege escalation
- Active Directory Certificate Services (AD CS) Exploitation: AD CS Exploitation, Certificate abuse and associated trade craft.
- Advanced Post-Exploitation Techniques: Dumping credentials, Ticket-based attacks and Domain persistence.
- Cross-Forest Privilege Escalation: Child-to-parent escalation, Bypassing SID filtering, TGT attacks, SQL and other trust abuses.
- Real-World Scenarios: Practical application of techniques, from initial foothold to domain admin, using a combined attack path.
- Defense methodology: Attack Telemetry, Securing Active Directory and Honeypots
Prerequisites
To ensure participants are prepared for the OADOC Live Training, students must meet the following prerequisites:
- Active Directory Fundamentals – Basic understanding of Active Directory structure, authentication, and common misconfigurations.
- Networking Basics – Familiarity with network protocols, Windows domains, and authentication mechanisms.
- Programming Experience – Some experience with scripting (PowerShell, Python) or compiled languages (C, C++) for AD exploitation.
- Windows Internals – Understanding of Windows security mechanisms, process interactions, and privilege escalation techniques.
- Offensive Security Mindset – Willingness to engage with challenging labs, stealth techniques, and real-world attack methodologies.
Cost and Discounts
The Offensive Active Directory Operations Certification (OADOC) – Live Training is priced at $700. This fee includes access to expert-created instructional materials, unlimited access to self-managed labs, and one exam voucher.
Additional Costs
- Compute Costs: Students are responsible for the AWS compute costs associated with running their lab environment.
Who Should Enroll
This course is ideal for:
- Penetration Testers and Red Teamers: Looking to break into or advance their skillset in Active Directory exploitation and red teaming.
- Blue Teamers and Defensive Security Professionals: Seeking to understand hyper-current attack techniques and enhance their detection capabilities.
- Cybersecurity Professionals and Researchers: Aiming to explore cutting-edge Active Directory offensive security and modern bypass strategies.
Course Takeaways
By the end of this course, you will have:
- Expertise in Modern AD Exploitation – A deep understanding of Active Directory security models, misconfigurations, and advanced exploitation techniques across Windows and Linux environments.
- Advanced Tradecraft & Bypasses – Mastery of LDAP obfuscation, authentication bypasses, SMB evasion, and modern AD abuse techniques.
- Hands-On Lab Experience – Practical skills from real-world-inspired labs, simulating enterprise environments with EDR & AV protections, with expert guidance throughout the process.
- Multi-Platform Offensive Skills – Proficiency in cross-platform AD attacks, leveraging Windows and Linux for stealthy, adaptive exploitation.
- Certification & Industry Recognition – A chance to validate your expertise with a certification attempt, proving your proficiency in cutting-edge AD security bypasses.
Dynamic Attack Paths and Labs
The lab environment consists of multiple interconnected forests with mutual trusts, simulating a real-world enterprise Active Directory setup. Each forest contains domain controllers, file servers, and bastion hosts, configured with enterprise-grade security controls to create a challenging attack surface.
Attack Simulation Structure:
- Multi-Forest Architecture – The lab features separate AD forests with trust relationships, providing opportunities to explore cross-domain attacks.
- Dedicated Bastion Hosts – Both Windows and Linux machines are provided for launching attacks and enumeration techniques.
- Domain Controllers & File Servers – Simulating a realistic corporate infrastructure, including critical assets and privileged accounts.
- Security Mechanisms in Place – Hardened environments with EDR, AV, logging, and monitoring, requiring advanced evasion techniques for successful exploitation.
This structure ensures you gain hands-on experience attacking modern, well-defended AD environments while understanding real-world security measures and detection strategies.
Register Now for the Next Live Training Session
May 10th, 11th and 12th 2025 at NorthSec
Secure your seat now and receive additional details by email once you complete the registration.
