I Am AD FS and So Can You - Attacking Active Directory Federated Services

I Am AD FS and So Can You - Attacking Active Directory Federated Services

WEareTROOPERS via YouTube Direct link

Best Practices and Mitigations

21 of 22

21 of 22

Best Practices and Mitigations

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

I Am AD FS and So Can You - Attacking Active Directory Federated Services

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Roadmap
  3. 3 Doug Bienstock - @doughsec
  4. 4 Austin Baker - @bakedsec
  5. 5 Active Directory Federated Services
  6. 6 Building Blocks - Claims Pipeline
  7. 7 Building Blocks - Security Tokens
  8. 8 Building Blocks - claims to assertions
  9. 9 Building blocks - the RP
  10. 10 Identity Providers and Adapters
  11. 11 Finding AD FS Proxies
  12. 12 Target the Weak Links
  13. 13 Adapt or die
  14. 14 Windows Internal Database (WID)
  15. 15 Locating the goods
  16. 16 Decrypting the SigningToken
  17. 17 Key Derivation
  18. 18 Key Decryption
  19. 19 ADFSDump
  20. 20 ADFSpoof
  21. 21 Best Practices and Mitigations
  22. 22 Responding Appropriately

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.