Presented at
Kernelcon 2023,
April 15, 2023, 4 p.m.
(60 minutes).
Time zones might be fake, but time always goes by too quickly. However, thanks to infrastructure-as-code, we can reduce the time it takes to deploy resources to the cloud and build labs. And as hackers, if we build something — we have to break it.
This talk will first discuss how to leverage infrastructure-as-code to set up your own Active Directory lab and how to go from a standard user to Domain Admin. Multiple adversarial simulation patterns will be discussed, for example: password spraying, pass-the-hash attacks, Kerberoasting, and NTLM relay attacks, etc.
The initial stage of this talk will begin with a brief journey behind the process of using Terraform to set up an Active Directory environment. Afterwards, we will replicate each attack path with a demo that utilizes various active directory misconfigurations. This talk will conclude with the best practices to mitigate these threats.
Presenters:
-
Veronica Weiss
Veronica Weiss is a Red Team Engineer on a Product Security team at a very large software company. In a previous life in FinTech, they led a Research and Development program and worked on multiple key engineering projects and initiatives that leveraged an offensive security-based mindset. Due to the nature of their work, Veronica’s hobbies include having a Celsius addiction and trying not to think about cloud computing platforms.
Similar Presentations: