$2,299.00
https://sectrain.hitb.org/courses/abusing-active-directory-hitb2022sin/?add-to-cart=8162
Date | Day | Time | Duration |
22 August | Monday | 09:00-17:00 SGT/GMT +8 | 8 Hours |
23 August | Tuesday | 09:00-17:00 SGT/GMT +8 | 8 Hours |
In this two-day training you will take a deep dive into modern day misconfigurations and attacks with labs built on fully patched Windows Server 2019, Windows 10 Enterprise and Azure Active Directory.
The course is designed to be beginner friendly but does require some basic knowledge of security concepts. You will quickly get your hands dirty with enumerating Active Directory users, groups, OUs, ACLs, ACEs etc.
Shortly after spotting the issues, you will start exploiting them to slowly move through the network and escalate privileges until becoming a domain admin. Along the way, you will gain a deep understanding of concepts such as lateral movement, different authentication protocols and tools used by red teamers and APTs.
The second day of the course takes the perspective of pivoting from the on-premises AD to compromising Azure AD. And the other way around. You will understand the difference between on-premises and cloud Active Directory, the different attack vectors and how compromising one can lead to comprising the other.
You will get a solid understanding of hybrid environments, modern authentication protocols, different ways to get, escalate and maintain access.
The course will finish with a short CTF that helps test your understanding and solidify the concepts your learned during the two days.
Watch this video to get a feel of Tarek’s online training where he explains AS-REP Roasting – a topic that is covered in more detail in the training.
Tarek (@DeanOfCyber), holds an MSc. in Information Security, is the technical advisor for GISEC, the largest security conference in the Middle East and is a previous OWASP Dubai Chapter Leader. He started his career as a security consultant for a boutique company in the UK where he delivered penetration tests for companies like BBC, Sky, Heinz, Ericsson, BT to name a few. Following that he relocated to Dubai as a senior penetration tester for Verizon. He then transitioned into leading security operations at the largest media organization in the middle east where he led high-end and complex projects. Currently, he is a subject matter expert working with a leading security vendor. As part of Hackers Academy, Tarek has delivered trainings to thousands of students both online and offline.
He currently contributes to the community through the monthly HAVOC event at havoc.hackersacademy.com in addition to regularly mentoring and tutoring university students and preparing them for the job market.
What students say about this training:
Khalifa (@kha1ifuzz) started his Penetration Testing career in 2014. He is a founder of a Offensivebits and Malcrove, companies specializing in Managed Cyber Defense and Offensive Security services. He led more than 60 projects in Penetration Testing and Red Teaming. He has worked as Strategic Technical Advisor to many organizations in UAE and worked on multiple projects such as developing Penetration Testing tools and discovering vulnerabilities.
Khalifa has also participated as an assistant trainer at the BlackHat course “Attacking and Securing APIs” and is regularly invited to deliver talks and workshops.
What students will be provided with:-
intercontinental singapore
follow us
T - 7 DAYS to get your talk proposals submitted to the #HITB2022SIN Call for Papers! Working on something cool? Submit it! #CallforPapers #CFP #Singapore #hackersgonnahack
Read MoreREMINDER: The Call for Papers for #HITB2022SIN closes on the 30th of June! Got something cool you're working on? Send it in!
Read MoreREMINDER: The Call for Papers for #HITB2022SIN closes at the end of this month! Working on something cool? Send it in! (RTs always appreciated)
Read More#HITB2022SIN KEYNOTE 2: Everybody Deserves Good Security - Runa Sandvik - cc @runasand
Read More#HITB2022SIN KEYNOTE 1: A Random Walk through a Few Million Things - Chris Rouland - cc @chris_rouland
Read MoreICYMI Registration for #HITB2022SIN is now open! Come join us in-person this August with keynotes by @runasand and @chris_rouland #Singapore #hackers #security #conference
Read More