Explore advanced Active Directory (AD) attack techniques and operational security in this comprehensive conference talk from Hack In The Box Security Conference. Delve into the world of AD abuse primitives and learn how adversaries chain these techniques to form attack paths that compromise entire enterprise networks. Examine four real-world attack paths, including new abuse primitives such as diamond tickets, U2U tickets, and Shadow Credentials. Gain insights into the methodology behind successful AD attacks, including enumeration, tactical considerations, and evasion of blue team detection. Watch video demonstrations from an adversary's perspective using a Command and Control (C2) framework for a realistic offensive operation experience. Understand the root causes, implementation methods, and operational guidance for each attack path, enhancing your knowledge of AD security vulnerabilities and defense strategies.
Active Directory Abuse Primitives and Operation Security
Hack In The Box Security Conference via YouTube
Overview
Syllabus
#HITB2023AMS D2T2 - Active Directory Abuse Primitives And Operation Security - M. Cheng & D. Chen
Taught by
Hack In The Box Security Conference
Related Courses
-
GPTHound: Your Active Directory Security Assistant - Enhancing AD Assessment
-
I Know What Your AD Did Last Summer - Talks About Active Directory
-
Red Vs. Blue - Modern Active Directory Attacks, Detection, And Protection
-
Beyond the MCSE - Active Directory for the Security Professional
-
Attack Scenarios Abusing Azure Active Directory
-
Active Directory Security - The Journey
