Loading…
Attending this event?
Thursday, October 10 • 13:30 - 17:30
Active Directory security: 8 (very) low hanging fruits and how to smash those attack paths FILLING

Sign up or log in to save this to your schedule and see who's attending!

Log in to leave feedback.
Limited Capacity filling up

Welcome in PacFirm, the most insecure network ever, we have a very large Active Directory environment and we do no security at all. For now, no ghost has ever hacked our corporate network (at least we hope) but our new CISO requires us to perform a security assessment.

Your mission, should you choose to accept it, is to evaluate our security level and fix the issues.

In this fully hands-on workshop, we’ll guide you through 8 of the lowest hanging fruits weaknesses that we witnessed during numerous penetration tests. You’ll learn how to:

- Spot passwords inside user descriptions
- Find passwords on shared folders
- Spray passwords over accounts
- Quickly detect obsolete workstations and servers
- Get free password hashes by kerberoasting
- Pivot from machine to machine by reusing local credentials
- Spot machines where Domain Admins are connected
- Retrieve Domain Admins credentials in memory

Crackmapexec, Powerview, Rubeus, Mimikatz will be your best friends during this workshop.

Hand-on exercises will be performed on our lab environment with more than twenty virtual machines. For each attack, we will also discuss about mitigation techniques.

This training is aimed at sysadmins or security professionals willing to start with Active Directory security and hands-on sessions. There is no specific requirement for attendees except a basic IS and infosec culture.

All attendees will need to bring a laptop capable of running virtual machines (4GB of RAM is a minimum) and an up-to-date RDP client. Each attendee will be given a USB key with a Windows virtual machine with the necessary pentesting tools to perform the lab sessions.

Speakers
avatar for Remi Escourrou

Remi Escourrou

Rémi Escourrou (@remiescourrou) and Nicolas Daubresse (@nicolas_dbresse) are security consultant at Wavestone. For 4 years, they have been developing their skills as a pentester of IT infrastructure and more specifically on Active Directory environment. They are also involved in... Read More →
avatar for Nicolas Daubresse

Nicolas Daubresse

Rémi Escourrou (@remiescourrou) and Nicolas Daubresse (@nicolas_dbresse) are security consultant at Wavestone. For 4 years, they have been developing their skills as a pentester of IT infrastructure and more specifically on Active Directory environment. They are also involved in... Read More →


Thursday October 10, 2019 13:30 - 17:30
05. La Trappe Novotel

Attendees (28)