2 hour Hands-on Lab: An Introduction to Active Directory Exploitation
Monday August 7, 2023 – 10:00a-12:00p
Workshop Outline
When attackers successfully gain a foothold within an environment, one of the systems that they typically target is Active Directory (AD). AD acts as a centralized access management system and compromising it would typically give attackers the necessary access to achieve their objectives.
Each AD installation around the world is unique and the main problem that most AD environments face is insecure configuration. Due to their nature, these misconfigurations usually cannot be fixed as part of a vendor update or patch. Instead, these misconfigurations need to be identified and fixed as part of a targeted assessment in each environment. Therefore, it is important for defenders to know how to identify these issues and what remediation steps are needed to secure the environment.
The purpose of this entry-level workshop is to introduce the participants to the fundamental concepts relating to attacking Active Directory. To achieve this, we will be performing a hands-on security assessment against an AD environment. We will start from a compromised user and work our way through the domain until we complete our operational objectives. During the lab we will:
* Collect AD data using open-source tools, such as SharpHound.
* Identify attack paths using BloodHound.
* Exploit multiple misconfigurations using well-known tactics, techniques, and procedures (TTPs).
This training is aimed at people looking to start with Active Directory security. There are no specific requirements for attendees but a basic understanding of fundamental Active Directory concepts such as domains, users and groups would be beneficial.
If you are looking for a hands-on lab experience, you will need to bring a laptop capable of connecting to the internet over WiFi. The lab environment will be accessible remotely using a web browser. If you do not have a laptop and still want to attend, the lab instructors will be demonstrating the labs via a screen share.
Attendee Equipment Needed
For a hands-on lab experience, you will need to bring a laptop capable of connecting to the internet over WiFi. If you do not have a laptop and still want to attend, the lab instructors will be demonstrating the labs via a screen share.
Workshop thanks to
Presented By: Petros Koutroumpis, Dennis Panagiotopoulos, and Will Proctor
Please note this is concurrent to the conference.
This is available as an add-on when you purchase your ticket
If you have previously purchased a ticket and wish to add the workshop please do the following:
- Visit our ticket page https://www.eventbrite.com/e/the-diana-initiative-2023-tickets-500510499377
- Click “Get Tickets”
- Scroll down to “Purchasing add-on only” and select 1 from the drop down menu
- Scroll down to “An Introduction to Active Directory Exploitation” and select 1 from the drop down menu
- Click “check out”
- Please use the same email as you purchased your original ticket with.
- (Sorry we can’t just add to eventbrite orders!)
If you registered for this workshop and can no longer attend, or if you can not afford the workshop, please let us know registration@dianainitiative.com