Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

I Am AD FS and So Can You - Attacking Active Directory Federated Services

WEareTROOPERS via YouTube

Overview

Explore the intricacies of Active Directory Federated Services (AD FS) and its potential vulnerabilities in this comprehensive conference talk. Delve into the building blocks of AD FS, including claims pipelines, security tokens, and assertions. Learn about identity providers, adapters, and techniques for locating AD FS proxies. Discover methods to target weak links and adapt attack strategies. Gain insights into the Windows Internal Database (WID) and techniques for locating and decrypting sensitive information. Examine tools like ADFSDump and ADFSpoof, and understand their implications. Conclude with best practices for mitigation and appropriate incident response strategies to enhance AD FS security.

Syllabus

Intro
Roadmap
Doug Bienstock - @doughsec
Austin Baker - @bakedsec
Active Directory Federated Services
Building Blocks - Claims Pipeline
Building Blocks - Security Tokens
Building Blocks - claims to assertions
Building blocks - the RP
Identity Providers and Adapters
Finding AD FS Proxies
Target the Weak Links
Adapt or die
Windows Internal Database (WID)
Locating the goods
Decrypting the SigningToken
Key Derivation
Key Decryption
ADFSDump
ADFSpoof
Best Practices and Mitigations
Responding Appropriately

Taught by

WEareTROOPERS

Reviews

Start your review of I Am AD FS and So Can You - Attacking Active Directory Federated Services

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.