{"id":14306,"date":"2024-05-13T04:50:24","date_gmt":"2024-05-13T04:50:24","guid":{"rendered":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/"},"modified":"2024-08-01T05:25:58","modified_gmt":"2024-08-01T05:25:58","slug":"active-directory-penetration-testing-playbook-bkk2024","status":"publish","type":"product","link":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/","title":{"rendered":"Active Directory Penetration Testing Playbook"},"content":{"rendered":"

ATTEND IN-PERSON<\/span><\/strong>: <\/span><\/strong>Onsite in Bangkok, Thailand<\/strong><\/h4>\n
\n
\n

DATE: 27-28 August 2024<\/strong><\/h4>\n<\/div>\n

TIME: 09:00 to 17:00 ICT\/GMT+7<\/strong><\/h4>\n\n\n\n\n\n
Date<\/strong><\/td>\nDay<\/strong><\/td>\nTime<\/strong><\/td>\nDuration<\/strong><\/td>\n<\/tr>\n
27 Aug<\/td>\nTuesday<\/td>\n0900-17:00 ICT\/GMT+7<\/td>\n8 Hours<\/td>\n<\/tr>\n
28 Aug<\/td>\nWednesday<\/td>\n0900-17:00 ICT\/GMT+7<\/td>\n8 Hours<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n<\/div>\n
According to Frost & Sullivan, Microsoft Active Directory is adopted by approximately 90% of Fortune 1000 companies as a primary method to provide seamless authentication and authorization. Such pervasive technology is nowadays a primary target for threat adversaries willing to compromise the core of an enterprise network and access to its most business-critical data.<\/h5>\n

Given the crucial role of Active Directory, understanding its architecture, protocols, attack surface, and common weaknesses are key for structuring effective and repeatable penetration testing initiatives.<\/p>\n

This workshop presents a beginner-friendly methodology to assess Microsoft AD environment. Starting from the introduction of effective domain enumeration techniques, students are presented with the most common misconfigurations affecting AD environments, and how to detect and exploit such issues to demonstrate the related impact.<\/p>\n

As part of the workshop, multiple real-world case studies will be offered to attendants including examples of techniques adopted by modern Advanced Persistent Threats (APTs) to attack the most secure Active Directory environments on the planet.<\/p>\n

\u00a0<\/strong><\/p>\n

Key learning objectives<\/strong><\/h5>\n
\n
    \n
  • Understand the architecture and key components of a modern Microsoft Active Directory environment.<\/li>\n
  • Learn how to extensively enumerate a domain to understand the target organization\u2019s structure, users & groups privileges, and trust relationships.<\/li>\n
  • Learn how to detect and validate the most common misconfigurations affecting Active Directory deployments.<\/li>\n
  • Familiarize yourself with the most common tools adopted by security professionals to test the security of Active Directory.<\/li>\n
  • Get an introduction AzureAD and the main attack phases and their techniques against modern cloud environments.<\/li>\n<\/ul>\n<\/div>\n

     <\/p>\n

    What will the students get<\/strong><\/h5>\n
      \n
    • Practical methods to identify and exploit the most common Active Directory weaknesses.<\/li>\n
    • A mini-arsenal with pre-configured tools for testing Active Directory environments.<\/li>\n<\/ul>\n

       <\/p>\n

      <\/h5>\n
      Agenda\/ Topics Covered<\/strong><\/h5>\n

      Overview on Active Directory Penetration Testing<\/strong><\/p>\n

        \n
      • What is Microsoft Active Directory (AD) and its role in modern enterprise network.<\/li>\n
      • What is Active Directory Domain Services (AD DS).<\/li>\n
      • What is Penetration Testing?<\/li>\n
      • Penetration Testing vs. Red Teaming Active Directory.<\/li>\n<\/ul>\n

         <\/p>\n

        Extensive Active Directory Domain Enumeration<\/strong><\/p>\n

          \n
        • Understanding the structure of the target environment by enumerating Forests, Domains, Organizational Unit (OUs), Users, Groups, and Computers.<\/li>\n
        • Mapping privileges and trust relationships in the domain by enumerating Group Policy Objects (GPOs), Access Control Lists (ACLs), and Domain Trusts.<\/li>\n
        • Introduction to Bloodhound for extensive domain enumeration.<\/li>\n<\/ul>\n

           <\/p>\n

          Abusing Active Directory for Local Privileges Escalation<\/strong><\/p>\n

            \n
          • Abusing GPO for local privileges escalation.<\/li>\n
          • Abuse local administrative password in Group Policy Preference files.<\/li>\n
          • Abuse Local Administrator Password Solution (LAPS).<\/li>\n<\/ul>\n

             <\/p>\n

            Domain Persistence Techniques<\/strong><\/p>\n

              \n
            • Overview on Domain Persistence Techniques<\/li>\n
            • Case study: Golden & Silver Ticket Attacks<\/li>\n<\/ul>\n

               <\/p>\n

              Domain Privileges Escalation<\/strong><\/p>\n

                \n
              • Domain escalation: Domain Admin is just the beginning.<\/li>\n
              • Escalate privileges via Kerberoasting and AS-REP Roasting attacks.<\/li>\n
              • Password Spraying Attacks.<\/li>\n
              • How to select high-value users to be attacked.<\/li>\n
              • How to build a password dictionary to increase the guessing success rate.<\/li>\n
              • Overview on Kerberos Delegation issues.<\/li>\n
              • Identify Interesting ACL and abuse for Domain Escalation.<\/li>\n<\/ul>\n

                 <\/p>\n

                Lateral Movement<\/strong><\/p>\n

                  \n
                • Lateral Movement via network protocols\n
                    \n
                  • PowerShell Remoting<\/li>\n
                  • RDP<\/li>\n
                  • SMB\/RPC<\/li>\n
                  • WinRM<\/li>\n<\/ul>\n<\/li>\n
                  • Abusing ACL for Lateral Movement\n
                      \n
                    • Manipulating passwords and group members<\/li>\n<\/ul>\n<\/li>\n
                    • Pass-the-Hash (PtH)<\/li>\n
                    • Over-Pass-the-Hash (Over-PtH)<\/li>\n
                    • Pass-the-Ticket (PtT)<\/li>\n<\/ul>\n

                       <\/p>\n

                      Overview on Cloud-based & Hybrid Active Directory Security<\/strong><\/p>\n

                        \n
                      • Terminology first: AD, ADDS, AAD, AADDS, Microsoft 365, Office 365, etc.<\/li>\n
                      • AzureAD Reconnaissance\n
                          \n
                        • Users, Groups, Roles, Applications, etc.<\/li>\n
                        • Introduction to AzureHound for domain enumeration.<\/li>\n<\/ul>\n<\/li>\n
                        • Lateral Movement Techniques\n
                            \n
                          • Moving laterally by abusing SharePoint Online \/ OneDrive.<\/li>\n
                          • Effective internal phishing attacks leveraging Microsoft Teams.<\/li>\n<\/ul>\n<\/li>\n
                          • Example of Privilege Escalation technique: the Golden SAML attack.<\/li>\n
                          • Example of Persistence technique: abusing application ownership.<\/li>\n<\/ul>\n

                             <\/p>\n

                             <\/p>\n","protected":false},"excerpt":{"rendered":"

                            This 2-day workshop is designed to provide students a solid foundation on how to execute security testing activities against Microsoft Active Directory (AD) environments. Students are equipped with the essential theory and practice to start challenging the security of enterprise networks and identify weaknesses that could mine the security of an entire organization.<\/h6>\n","protected":false},"featured_media":14305,"template":"","meta":{"_acf_changed":false},"product_cat":[85,84,86,87],"product_tag":[],"class_list":{"0":"post-14306","1":"product","2":"type-product","3":"status-publish","4":"has-post-thumbnail","6":"product_cat-2-day-workshop","7":"product_cat-bkk-2024","8":"product_cat-bkk-2024-workshop","9":"product_cat-workshop-2","11":"first","12":"outofstock","13":"shipping-taxable","14":"purchasable","15":"product-type-simple"},"acf":[],"yoast_head":"\nActive Directory Penetration Testing Playbook - HITBSecConf2024 - Bangkok<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Active Directory Penetration Testing Playbook - HITBSecConf2024 - Bangkok\" \/>\n<meta property=\"og:description\" content=\"This 2-day workshop is designed to provide students a solid foundation on how to execute security testing activities against Microsoft Active Directory (AD) environments. Students are equipped with the essential theory and practice to start challenging the security of enterprise networks and identify weaknesses that could mine the security of an entire organization.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/\" \/>\n<meta property=\"og:site_name\" content=\"HITBSecConf2024 - Bangkok\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-01T05:25:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-content\/uploads\/sites\/22\/2024\/05\/matteo-bkk-workshop-2.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"612\" \/>\n\t<meta property=\"og:image:height\" content=\"408\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/\",\"url\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/\",\"name\":\"Active Directory Penetration Testing Playbook - HITBSecConf2024 - Bangkok\",\"isPartOf\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-content\/uploads\/sites\/22\/2024\/05\/matteo-bkk-workshop-2.jpeg\",\"datePublished\":\"2024-05-13T04:50:24+00:00\",\"dateModified\":\"2024-08-01T05:25:58+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/#primaryimage\",\"url\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-content\/uploads\/sites\/22\/2024\/05\/matteo-bkk-workshop-2.jpeg\",\"contentUrl\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-content\/uploads\/sites\/22\/2024\/05\/matteo-bkk-workshop-2.jpeg\",\"width\":612,\"height\":408},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Shop\",\"item\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/shop\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Active Directory Penetration Testing Playbook\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/#website\",\"url\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/\",\"name\":\"HITBSecConf2024 - Bangkok\",\"description\":\"August 26 - 30 @ InterContinental\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Active Directory Penetration Testing Playbook - HITBSecConf2024 - Bangkok","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/","og_locale":"en_US","og_type":"article","og_title":"Active Directory Penetration Testing Playbook - HITBSecConf2024 - Bangkok","og_description":"This 2-day workshop is designed to provide students a solid foundation on how to execute security testing activities against Microsoft Active Directory (AD) environments. Students are equipped with the essential theory and practice to start challenging the security of enterprise networks and identify weaknesses that could mine the security of an entire organization.","og_url":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/","og_site_name":"HITBSecConf2024 - Bangkok","article_modified_time":"2024-08-01T05:25:58+00:00","og_image":[{"width":612,"height":408,"url":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-content\/uploads\/sites\/22\/2024\/05\/matteo-bkk-workshop-2.jpeg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/","url":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/","name":"Active Directory Penetration Testing Playbook - HITBSecConf2024 - Bangkok","isPartOf":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/#website"},"primaryImageOfPage":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/#primaryimage"},"image":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/#primaryimage"},"thumbnailUrl":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-content\/uploads\/sites\/22\/2024\/05\/matteo-bkk-workshop-2.jpeg","datePublished":"2024-05-13T04:50:24+00:00","dateModified":"2024-08-01T05:25:58+00:00","breadcrumb":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/#primaryimage","url":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-content\/uploads\/sites\/22\/2024\/05\/matteo-bkk-workshop-2.jpeg","contentUrl":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-content\/uploads\/sites\/22\/2024\/05\/matteo-bkk-workshop-2.jpeg","width":612,"height":408},{"@type":"BreadcrumbList","@id":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/product\/active-directory-penetration-testing-playbook-bkk2024\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/"},{"@type":"ListItem","position":2,"name":"Shop","item":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/shop\/"},{"@type":"ListItem","position":3,"name":"Active Directory Penetration Testing Playbook"}]},{"@type":"WebSite","@id":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/#website","url":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/","name":"HITBSecConf2024 - Bangkok","description":"August 26 - 30 @ InterContinental","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-json\/wp\/v2\/product\/14306"}],"collection":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-json\/wp\/v2\/types\/product"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-json\/wp\/v2\/media\/14305"}],"wp:attachment":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-json\/wp\/v2\/media?parent=14306"}],"wp:term":[{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-json\/wp\/v2\/product_cat?post=14306"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/conference.hitb.org\/hitbsecconf2024bkk\/wp-json\/wp\/v2\/product_tag?post=14306"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}