Active Directory Attacks for Red and Blue Teams

(Please contact me at nikhil[dot]uitrgpv[at]gmail[dot]com for more details and schedule.)

Enterprises are managed using Active Directory (AD), and it often forms the backbone of the complete enterprise network. Therefore, to secure an enterprise from an adversary, it is essential to secure its AD environment. To secure AD, you must understand the different techniques and attacks used by adversaries against it. Often burdened with maintaining backward compatibility and interoperability with a variety of products, AD environments lack the ability to tackle the latest threats.
This training is aimed at attacking modern AD environments using built-in tools, scripting languages and other trusted OS resources. The training is based on real-world penetration tests and Red Team engagements for highly secured environments. Some of the techniques used in the course:
- Extensive AD Enumeration
- Active Directory trust mapping and abuse
- Privilege Escalation (User Hunting, Delegation issues and more)
- Kerberos Attacks and Defense (Golden, Silver ticket, Kerberoast and more)
- Abusing cross forest trust (Lateral movement across forest, PrivEsc and more)
- Abusing SQL Server trust in AD (Command Execution, trust abuse, lateral movement)
- Credentials Replay Attacks (Over-PTH, Token Replay etc.)
- Persistence (WMI, GPO, ACLs and more)
- Defenses (JEA, PAW, LAPS, Deception, App Whitelisting, Advanced Threat Analytics etc.)
- Bypassing defenses

The course is a mixture of fun, demos, exercises, hands-on and lecture. You start from compromise of a user desktop and work your way up to complete forest pwnage. The training focuses more on methodology and techniques than tools.

Attendees will get one month of free access to an Active Directory environment comprising multiple domains and forests, during and after the training. This training aims to change how you test an Active Directory environment.

Testimonials 


"Absolutely loved the philosophy of the class. We got Enterprise Admin privileges so silently and efficiently. One of the best technical classes I have ever been to."
Student, Black Hat Las Vegas, 2018

"Learned a lot of good information. Glad that I signed up for this class."
Student, Black Hat Las Vegas, 2018

"Training was worth every penny! Would definitely recommend it to anyone trying to improve their Active Directory attack knowledge."
Student, Black Hat Las Vegas, 2018

"I take BH classes every year and this was one of the best. Thank you."
Student, Black Hat Las Vegas, 2018

"Great training material. So much to learn."
Student, Black Hat Las Vegas, 2018

"It was a great opportunity to know and try the AD attack methods. I work for Security Vendors and provide IR services, and I do Malware Analysis or Forensics. For that, I need to know the attack method to trace the attacker's behavior, and I knew the AD attack methods. But most of the topic you provided in the class were the first time for me to actually try. It was great! And the content included the latest content such as DCShadow. It was also great! Thank you so much."
Student, Black Hat Las Vegas, 2018

"Very good class, worth every dime. I loved we covered blue team. I loved this course!"
Student, Black Hat Las Vegas, 2018

"I thought I had a good understanding of Active Directory attacks and defense before taking this course, but my eyes were really opened now. I'm pretty excited to use this new skill to help secure my organization."
Student, Black Hat Las Vegas, 2018

"I can definitely recommend this training to anyone who wants to boost/sharpen his or her Active Directory Red/Blue teaming skills."
http://ad-redbluetraining.blogspot.in/2018/05/review-active-directory-attacks-for-red.html
Cornelis, BruCON Spring, 2018

"I enjoyed this training last fall and it was amazing. Huge amounts of useful information over 3 days. Very solid demo lab and excellent on-site networking from the BruCON support team."
Mitch, BruCON Spring, 2018

"Strongly recommend training with @nikhil_mitt, it was so much interesting. Thanks."
BruCON Spring, 2018

"If you have the opportunity to attend the course, I would highly recommend it."
https://rastamouse.me/2018/05/review-active-directory-attacks-for-red-and-blue-teams/
Dan, BruCON Spring, 2018

"It contains a lot of exercises and all the material and walkthroughs are well documented."
BruCON Spring, 2018

"I liked the structure of the course and the hands-on sessions."
BruCON Spring, 2018

"Lab has a great diversity of systems."
BruCON Spring, 2018

"Much content of the class is directly usable in my daily job."
BruCON Spring, 2018

"The best part was lateral movement from non-privileged domain user to DA using various techniques."
BruCON Spring, 2018

"Liked the competence of the trainer."
BruCON Spring, 2018

"The hands on parts were really elaborated and it was possible to catch up if you got lost."
BruCON Spring, 2018

"I had an awesome time in this class. I learned a ton about Active Directory, what things to be aware of, and how features that have to exist for AD to work can be exploited."
Kevin, CanSecWest, 2018

"The class was very useful and the content was presented in a very interesting way."
BHUSA, 2017

"I am definitely implementing stuff in my job."
BHUSA, 2017

"Liked the use of PowerShell and other scripts without any Kali box."
BHUSA, 2017

"I learned a lot about Active Directory in the class. I am doing red teaming for many years but never looked at active directory in the ways explained in this class. I will recommend this class to my colleagues."
BHUSA, 2017

"The best pentesting class I ever had at BlackHat."
BHUSA, 2017

"I liked the philosophy of the class which was not touching disk and minimizing detection. I was amazed by the hands-on where we escalated from Domain Admin to Enterprise Admin."
BHUSA, 2017

"Liked the abuse of functionality. It was interesting to see that we took over the forests without exploiting even a single vulnerability."
BHUSA, 2017
