Breaking Active Directory
Abstract
Explore what it takes to attack an Active Directory environment, learn common attack paths, and take the position of an attacker exploiting and moving laterally in a realistic environment. Throughout the 3-day course, participants will be guided from exploring a typical environment to taking full control of the network with persistent access.
Targeted Audience
This training is made for IT security professionals who would like to take the seat of an attacker and exploit an Active Directory environment. There are no hard knowledge requirements for this course; however, the following experience is helpful:
- Basic experience with typical Windows and Active Directory environments
- Basic knowledge of core Windows technologies and terms, such as the Kerberos and NTLM authentication protocols
- Basic knowledge of Unix systems
- Experience with common enumeration and exploitation techniques
Details
This training is set up as a 3-day course in which the participants will explore and exploit a realistic Active Directory environment. This course aims to achieve the following learning objectives:
- Learn and strengthen knowledge of basic Active Directory terminology, components and protocols
- Exploring weaknesses and attack paths
- Analysis and development of exploits and design weaknesses
- Practical, hands-on experience in exploring, exploiting and moving within an Active Directory environment
Day 1:
- Welcome round, training course overview and setup
- Mapping of the target environment
- Identification of weaknesses and planning of initial access
- Gaining initial foothold
- Enumerating the target, shaping of privilege escalation plans
- Escalating to local admin
Day 2:
- Wrap-up of Day 1, revisiting goals and attack paths
- Enumerating the network
- Identification of weaknesses and planning of lateral movement
- Lateral movement and credential harvesting
- Unravelling and mapping of the Active Directory environment
- Enumerating weaknesses in key components
- Escalating privileges
Day 3:
- Wrap-up of Day 2, revisiting goals and attack paths
- Chaining attacks and privileges to exploit high value targets
- Gaining access to core components
- Becoming Enterprise Admin
- Review and detailed analysis of key weaknesses
- Wrap-up and closing