Analyzing and Executing ADCS Attack Paths with BloodHound

Explore a comprehensive conference talk that delves into BloodHound's capabilities for discovering and analyzing Active Directory Certificate Services (ADCS) attack paths. Learn how this powerful tool simplifies the complex process of identifying privilege escalation opportunities within Microsoft's native PKI solution, reducing discovery time from hours to mere seconds. Master the practical execution of ADCS attack paths using common tools like Rubeus and Certify, while understanding effective defensive strategies to mitigate risks without disrupting business operations. Gain hands-on knowledge about smart card authentication, TLS certificate issuance and verification, and code signing within ADCS environments. Discover field-tested remediation approaches that address the unique challenges posed by various ADCS attack paths, equipping both attackers and defenders with essential insights for managing this complex system.