Explore the unintended risks associated with trusting Active Directory in this 48-minute conference talk from Derbycon 2018. Delve into security descriptors, Active Directory environments, and objects while examining the implications for workgroups and single hosts. Learn about weaponization techniques, persistence methods, and existing misconfigurations. Gain insights into Cobalt Strike and session enumeration as the speakers Lee Christensen, Will Schroeder, and Matt Nel share their expertise on this critical cybersecurity topic.
Overview
Syllabus
Intro
What are security descriptors
Active Directory environments
Active Directory security descriptors
Active Directory objects
Active Directory in a workgroup
Active Directory in a single host
Security Implications
Weaponization
Persistence Demo
Existing Misconfigurations
Cobalt Strike
Session Enumeration
Summary
Shoutout
