BruCON 0x0E has ended
Back To Schedule
Friday, September 30 • 10:30 - 12:30
Domain Admin before lunch - A workshop on compromising organizations from the inside FULL

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Limited Capacity full

In this workshop, SANS instructor Jean-Francois Maes is going to walk over several tactics on how to compromise organizations from the inside.
Let Jean-Francois guide you on how AD authentication works and how an inside threat can abuse the flow to establish a foothold and potentially escalate privileges.
This workshop will use 3 virtual machines, which cannot be deployed to the cloud so make sure to bring a beefy enough laptop that is able to run three VMS in tandem!

This workshop will cover:
- Introduction to AD authentication (NTLM + Kerberos)
- using responder and impacket to capture credentials and relay them
- Active Directory Certificate Services
- Shadow Credentials

avatar for Jean-Francois Maes

Jean-Francois Maes

Jean-Francois is a SANS instructor and author, primarily focused on red teaming and internal penetration testing, he teaches SANS purple and red teaming courses.Jean-Francois is also a senior researcher at HelpSystems and helps define Cobalt-Strike's roadmap.On top of his work at... Read More →

Friday September 30, 2022 10:30 - 12:30 CEST
04. Het Anker