{"id":9591,"date":"2022-11-04T05:44:18","date_gmt":"2022-11-04T05:44:18","guid":{"rendered":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/abusing-active-directory-on-prem-azure-hitb2023ams\/"},"modified":"2023-04-18T06:25:49","modified_gmt":"2023-04-18T06:25:49","slug":"abusing-active-directory-on-prem-azure-hitb2023ams","status":"publish","type":"product","link":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/product\/abusing-active-directory-on-prem-azure-hitb2023ams\/","title":{"rendered":"Abusing Active Directory (On-Prem & Azure)"},"content":{"rendered":"
\n
\n
\n
\n
\n
\n

REGISTRATION CLOSED<\/span><\/strong><\/h2>\n

DATE: 17-18 April 2023<\/strong><\/h4>\n

TIME: 09:00 to 17:00 CEST\/GMT+2<\/strong><\/h4>\n<\/div>\n<\/div>\n\n\n\n\n\n
Date<\/strong><\/td>\nDay<\/strong><\/td>\nTime<\/strong><\/td>\nDuration<\/strong><\/td>\n<\/tr>\n
17 Apr<\/td>\nMonday<\/td>\n09:00 to 17:00 CEST\/GMT+2<\/td>\n8 Hours<\/td>\n<\/tr>\n
18 Apr<\/td>\nTuesday<\/td>\n09:00 to 17:00 CEST\/GMT+2<\/td>\n8 Hours<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n
\n
NO port scanning
\nNO vulnerability scanning
\nNO Metasploit<\/h5>\n

Discover how APTs abuse Active Directory both on-prem and in the cloud. For system engineers, defenders, penetration testers and aspiring blue teamers, get introduced to active directory hacking based on real life scenarios and misconfigurations.<\/p>\n

In this two-day training you will take a deep dive into modern day misconfigurations and attacks with labs built on fully patched Windows Server 2019, Windows 10 Enterprise and Azure Active Directory.<\/p>\n

The course is designed to be beginner friendly but does require some basic knowledge of security concepts. You will quickly get your hands dirty with enumerating Active Directory users, groups, OUs, ACLs, ACEs etc.<\/p>\n

Shortly after spotting the issues, you will start exploiting them to slowly move through the network and escalate privileges until becoming a domain admin. Along the way, you will gain a deep understanding of concepts such as lateral movement, different authentication protocols and tools used by red teamers and APTs.<\/p>\n

The second day of the course takes the perspective of pivoting from the on-premises AD to compromising Azure AD. And the other way around. You will understand the difference between on-premises and cloud Active Directory, the different attack vectors and how compromising one can lead to comprising the other.<\/p>\n

You will get a solid understanding of hybrid environments, modern authentication protocols, different ways to get, escalate and maintain access.<\/p>\n

 <\/p>\n

The course will finish with a short CTF that helps test your understanding and solidify the concepts you’ve learned during the two days.<\/strong><\/h5>\n
    \n
  • Enumeration deep dive into user account, groups, OUs, GPOs<\/li>\n
  • Understanding and enumerating ACLs<\/li>\n
  • Lateral movement<\/li>\n
  • Different password attacks<\/li>\n
  • Understanding authentication protocols and different attacks (NTLM relay, PTH, Over-PTH, etc.)<\/li>\n
  • Kerberos deep dive and multiple attacks (AS-REP roasting, kerberoasting, silver ticket, golden ticket)<\/li>\n
  • Pivoting between Azure AD and on-prem AD<\/li>\n
  • Stealing tokens<\/li>\n
  • Abusing playbooks<\/li>\n
  • Looting secrets<\/li>\n
  • Abusing VMs<\/li>\n
  • Abusing container registries<\/li>\n
  • And a lot more!<\/li>\n<\/ul>\n

     <\/p>\n

    Key Learning Objectives<\/strong><\/h5>\n
    \n
    \n
    \n
    \n
    \n
      \n
    • Practical hands-on training that allows for exploiting real-world on-premise and Azure misconfigurations.<\/li>\n
    • Penesters, red teamers and sys admins will get a solid understanding of the root cause of the abusable misconfigurations.<\/li>\n
    • Deep understanding of modern protocols, techniques and toolsets relavant to on-prem and Azure AD.<\/li>\n<\/ul>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n

       <\/p>\n

      Student will be provided with<\/strong><\/h5>\n
      \n

      Course material<\/p>\n

        \n
      • Cloud labs will be available for each student for 270 hours usage (within 90 days from the start of the training)<\/li>\n
      • The instructors will share their own lab guide so students can replicate the setup in their private labs<\/li>\n
      • Scripts to automate on-prem lab creation<\/li>\n<\/ul>\n<\/div>\n

         <\/p>\n

        Watch this video to get a feel of Tarek’s online training where he explains AS-REP Roasting – a topic that is covered in more detail in the training.<\/strong><\/h5>\n