Active Directory security: 8 (very) low hanging fruits and how to smash those attack paths

Presented at BSidesLV 2019, Aug. 6, 2019, 2 p.m. (235 minutes).

(Spoiler alert) During a cyber-attack, the Active Directory is one of favourite target in every firm. Very, very (very) often, to not say always, the active directory is compromised … Sadly, pentester or attacker often exploit the same obvious vulnerabilities to bounce and perform a privilege escalation. Come learn how to exploit and mitigate them. With something a little different, we are convinced that most common attacks against Active Directory could be prevent.

Presenters:

• Remi Escourrou
  Remi Escourrou (@remiescourrou) is senior security consultant at Wavestone. For four years, he has been developing his skills as a pentester of IT infrastructure, red teamer and more specifically on Active Directory environment. He is also involved in the CERT-W as First Responder and already saw the other side of the attack.
• Nicolas Daubresse
  Nicolas Daubresse (@nicolas_dbresse) is senior security consultant at Wavestone. For four years, he has mainly performed penetration tests on global IT infrastructure and Active Directory environments. Involved in the CERT-W, he also had the occasion to see the other side of the attack and saw these vulnerabilities exploited in the wild.

Similar Presentations:

• Black Hat USA 2017 / The Active Directory Botnet
• NolaCon 2018 / Active Directory Security: The Journey
• TROOPERS17 (2017) / Active Directory Security Best Practices. Top 11 Security Mistakes in Active Directory and How to Avoid Them