Reconnaissance, Attacks, and Post-Exploitation

Presented at DerbyCon 2.0 Reunion (2012), Sept. 30, 2012, 9:30 a.m. (30 minutes)

This is a 200-level presentation that describes gathering information from Active Directory to assist a penetration tester in target selection, locating and leveraging common configuration mistakes to attack domain member computers and users, and post-exploitation activities. An emphasis is placed on using information that can be freely gathered by unprivileged users from Active Directory. This presentation assumes familiarity with the Windows security architecture and Active Directory.

Presenters:

• Evan Anderson
  Evan Anderson has worked in IT as a contract engineer since 1998. Presently he is a partner in Wellbury Information Services LLC of Dayton, OH, and provides network design, implementation, and system administration services to a variety of clients ranging from small business to Fortune 1000. He has performed reviews of network security architectures, application and network penetration testing, and delivered infosec-related training for clients in financial, medical, and public policy sectors.

Similar Presentations:

• TROOPERS17 (2017) / Active Directory Security Best Practices. Top 11 Security Mistakes in Active Directory and How to Avoid Them
• NolaCon 2018 / Active Directory Security: The Journey
• Black Hat USA 2017 / The Active Directory Botnet