Date | Day | Time | Duration |
22 November | Monday | 09:00 to 17:00 GST/GMT+4 | 8 Hours |
23 November | Tuesday | 09:00 to 17:00 GST/GMT+4 | 8 Hours |
Active Directory is at the heart of 95% of the Global Fortune 1000. Almost every enterprise in the world uses AD. However, common misconfigurations prevail, allowing for threat actors to take full control over entire infrastructures. Despite this, core security concepts related to AD go misunderstood and often ignored.
In this course we introduce common Active Directory misconfigurations, what their root cause is and how they can be abused. The course focuses on abusing real life misconfigurations and steers away from the traditional penetration testing tools and methodologies.
Watch this video to get a feel of Tarek’s online training where he explains AS-REP Roasting – a topic that is covered in more detail in the training.
- Components - Trees and forests - Enumeration
- Security principles - Security contexts - SID/RIDs - UPN - User enumeration
- Types and scope - Difference between groups and OUs - Attributes - Enumerating group and OUs
- Understanding and enumerating computer objects
- ACEs - ACLs - DACLs/SACLs - Understanding bad permissions - Enumerating permissions - Abusingpermissions
- Password profiling - Understanding password policies - Enumerating password policies - Password spraying
- PSExec, WMI, PS
- Different types of hashes - MS-NLMP - Capture NTLMv2 hashes
- Understanding LSASS - Understanding Mimikatz modules and output - Pass the hash
- Kerberos deep dive - AS-REP Roasting - Kerberoasting - Silver Ticket - Golden Ticket