AD Basics
https://www.youtube.com/watch?v=Whh3kPS0FdA
Installing AD server
http://www.rebeladmin.com/2014/07/step-by-step-guide-to-setup-active-directory-on-windows-server-2012/https://scriptdotsh.com/index.php/2018/08/26/active-directory-penetration-dojo-setup-of-ad-penetration-lab-part-2/https://scriptdotsh.com/index.php/tag/active-directory/https://1337red.wordpress.com/building-and-attacking-an-active-directory-lab-with-powershell/
Setting up a automated lab https://github.com/AutomatedLab/AutomatedLab
Installing AD server https://sethsec.blogspot.com/2017/06/pentest-home-lab-0x2-building-your-ad.html
Enumeration:
All Active Directory attacks https://adsecurity.org/?page_id=4031
Active Directory Penetration Dojo – AD Environment Enumeration -1 https://scriptdotsh.com/index.php/2019/01/01/active-directory-penetration-dojo-ad-environment-enumeration-1/
Low Privilege Active Directory Enumeration from a non-Domain Joined Host
https://www.attackdebris.com/?p=470
Kerberos Domain Username Enumeration
https://www.attackdebris.com/?p=311
SPN SCanning
SPN Scanning – Service Discovery without Network Port Scanning https://adsecurity.org/?p=1508
Active Directory Pentest Recon Part 1: SPN Scanning aka Mining Kerberos Service Principal Names https://adsecurity.org/?p=230
Kerberoasting https://adsecurity.org/?p=2293 Cracking Kerberos TGS Tickets Using Kerberoast – Exploiting Kerberos to Compromise the Active Directory Domain. Explains kerberoasting and how the exploitation takes place.
https://github.com/nidem/kerberoast Steps for kerberoasting
https://blog.stealthbits.com/extracting-service-account-passwords-with-kerberoasting/ Another blog listing out the steps for kerberoasting. It also has a couple of other attacks
https://blog.stealthbits.com/discovering-service-accounts-without-using-privileges/ DISCOVERING SERVICE ACCOUNTS WITHOUT USING PRIVILEGES
Kerberoasting explained. Also has kerberoasting with rubeus https://posts.specterops.io/kerberoasting-revisited-d434351bd4d1