Tag: Active Directory Security

Mitigating Exchange Permission Paths to Domain Admins in Active Directory

This article is a cross-post from TrimarcSecurity.comOriginal article: https://www.trimarcsecurity.com/single-post/2019/02/12/Mitigating-Exchange-Permission-Paths-to-Domain-Admins-in-Active-Directory The Issue Recently a blog post was published by Dirk-jan Mollema titled “Abusing Exchange: One API call away from Domain Admin ” (https://dirkjanm.io/abusing-exchange-one-api-call-away-from-domain-admin/)which highlighted several issues with Exchange permissions and a chained attack which would likely result in a regular user with a mailbox being able to …

Continue reading

Beyond Domain Admins – Domain Controller & AD Administration

Active Directory has several levels of administration beyond the Domain Admins group. In a previous post, I explored: “Securing Domain Controllers to Improve Active Directory Security” which explores ways to better secure Domain Controllers and by extension, Active Directory. For more information on Active Directory specific rights and permission review my post “Scanning for Active …

Continue reading

Securing Domain Controllers to Improve Active Directory Security

Active Directory security effectively begins with ensuring Domain Controllers (DCs) are configured securely. At BlackHat USA this past Summer, I spoke about AD for the security professional and provided tips on how to best secure Active Directory. This post focuses on Domain Controller security with some cross-over into Active Directory security. The blog is called …

Continue reading

DEF CON 24 (2016) Talk “Beyond the MCSE: Red Teaming Active Directory” Presentation Slides Posted

On Thursday, August 4th, I presented “Beyond the MCSE: Red Teaming Active Directory” at DEF CON 24 (2016). Here are the slides for this talk:  DEFCON24-2016-Metcalf-BeyondTheMCSE-RedTeamingActiveDirectory Here’s my talk description from the DEF CON website: Active Directory (AD) is leveraged by 95% of the Fortune 1000 companies for its directory, authentication, and management capabilities, so …

Continue reading

Black Hat USA 2016 Talk – Beyond the MCSE: Active Directory for the Security Professional

This summer in Las Vegas, I’m speaking at Black Hat USA 2016 on Active Directory security, “Beyond the MCSE: Active Directory for the Security Professional.” This talk covers the key AD security components with specific focus on the things security professionals should know. I put this talk together because I have noticed that while Active …

Continue reading

DEF CON 24 (2016) Talk – Beyond the MCSE: Red Teaming Active Directory

This August at DEF CON 24, I will be speaking about Active Directory security evaluation in my talk “Beyond the MCSE: Red Teaming Active Directory”. This talk is focused on the Red side of AD security, specifically how to best evaluate the security of AD and quickly identify potential security issues. Whether you perform “Red …

Continue reading