Presented at
Diana Initiative 2023,
Aug. 7, 2023, 10 a.m.
(120 minutes).
When attackers successfully gain a foothold within an environment, one of the systems that they
typically target is Active Directory (AD). AD acts as a centralized access management system and
compromising it would typically give attackers the necessary access to achieve their objectives.
Each AD installation around the world is unique and the main problem that most AD environments face
is insecure configuration. Due to their nature, these misconfigurations usually cannot be fixed as part of
a vendor update or patch. Instead, these misconfigurations need to be identified and fixed as part of a
targeted assessment in each environment. Therefore, it is important for defenders to know how to
identify these issues and what remediation steps are needed to secure the environment.
The purpose of this entry-level workshop is to introduce the participants to the fundamental concepts
relating to attacking Active Directory. To achieve this, we will be performing a hands-on security
assessment against an AD environment. We will start from a compromised user and work our way
through the domain until we complete our operational objectives.
For more information, please see: https://www.dianainitiative.org/an-introduction-to-active-directory-exploitation/
Presenters:
Links:
Similar Presentations: