Intro to Kerberos and Common AD Privesc Attacks with Empire



In this workshop, SANS instructor and lead author of SEC565: Red Team Operations and Adversary Emulation, Jean-Francois Maes, will walk the audience through a guided hands-on workshop where common Active Directory Privilege Escalation Attacks are going to be discussed and executed using Empire version 5.

 

Attacks that will be conducted:

  • Kerberoasting
  • DCSyncing
  • Hopping parent/child trust using SID history
  • Abusing Unconstrained Delegation

At the end of the workshop, attendees will have an AD playground in their possession that can be spun up and torn down in AWS at their discretion. Attendees will also have gained familiarity with the Kerberos protocol as well as an understanding of common attacks that are performed in AD environments.

 

System Requirements

  • Debian based Virtual Machine

This workshop is ideally suited for blue teamers that want to peek behind the curtain and understand how adversaries attack AD and pentesters that may not be as familiar with AD environments yet.

Speaker and Presenter Information

Jean-François Maes

Relevant Government Agencies

Other Federal Agencies, Federal Government, State & Local Government


Event Type
Webcast


When
Tue, Jan 21, 2025, 12:00pm ET


Cost
Complimentary:    $ 0.00


Website
Click here to visit event website


Organizer
SANS Institute


Contact Event Organizer



Return to search results