Advanced Threat Emulation: Active Directory

More than 95% of Fortune 500 companies use Active Directory; it is the underpinning of modern enterprise environments. Come learn the secrets behind attacking AD and discover just how vulnerable these environments can be.

Course Overview

1. Introduction
2. Course Material
3. Using Snaps Labs
1. What is Active Directory?
2. Types of AD Objects
3. Users and Groups
4. Understanding the Domain Controller
1. Manual Enumeration
2. Utilizing Automated Tools
3. Understanding Domain Policy
4. Path Finding with BloodHound
1. Name Resolution Basics
2. Responsible Poisoning
3. LLMNR, NetBIOS and mDNS
4. DHCPv6 and ARP Spoofing
5. ADIDNS Abuse
1. Types of Credentials
2. LSASS Dumping Methods
3. Kerberos Overview
4. Kerberoasting
5. Ticket Forging
1. What is Delegation?
2. Unconstrained Delegation
3. Constrained Delegation
4. Resource-Based Constrained Delegation
1. Introduction to Trusts
2. Enumerating Trusts
3. Attacking Intra-Forest Trusts
4. Attacking Inter-Forest Trusts

Key Takeaways

Understand AD Architecture and Functionalities
Learn a broad range of AD Attack Strategies
Understand Effective Countermeasures to AD Attacks

Advanced Threat Emulation: Active Directory

Course Overview

Introduction

The Basics of Active Directory

Enumerating Active Directory

Name Resolution on Windows

Kerberos Abuse and Credential Dumping

Delegation Attacks

Domain Trusts

Key Takeaways

Interested in Taking This Course?