At DerbyCon 8 (2018) over the weekend Will Schroeder (@Harmj0y), Lee Christensen (@Tifkin_), & Matt Nelson (@enigma0x3), spoke about the unintended risks of trusting AD. They cover a number of interesting persistence and privilege escalation methods, though one in particular caught my eye. Overview Lee figured out and presents a scenario where there’s an account …
Tag: AD credential theft
Recent Posts
- Attacking Active Directory Group Managed Service Accounts (GMSAs)
- From Azure AD to Active Directory (via Azure) – An Unanticipated Attack Path
- What is Azure Active Directory?
- Slides Posted for Black Hat USA 2019 Talk: Attacking & Defending the Microsoft Cloud
- AD Reading: Windows Server 2019 Active Directory Features
Trimarc Active Directory Security Services
Have concerns about your Active Directory environment?
Trimarc helps enterprises improve their security posture.
Find out how... TrimarcSecurity.com
Popular Posts
- Attack Methods for Gaining Domain Admin Rights in…
- PowerShell Encoding & Decoding (Base64)
- Kerberos & KRBTGT: Active Directory’s…
- Finding Passwords in SYSVOL & Exploiting Group…
- Securing Domain Controllers to Improve Active…
- Securing Windows Workstations: Developing a Secure Baseline
- Mimikatz DCSync Usage, Exploitation, and Detection
- Detecting Kerberoasting Activity
- Scanning for Active Directory Privileges &…
- The Most Common Active Directory Security Issues and…
Categories
- ActiveDirectorySecurity
- Apple Security
- Cloud Security
- Continuing Education
- Entertainment
- Exploit
- Hacking
- Hardware Security
- Hypervisor Security
- Linux/Unix Security
- Malware
- Microsoft Security
- Mitigation
- Network/System Security
- PowerShell
- RealWorld
- Security
- Security Conference Presentation/Video
- Security Recommendation
- Technical Article
- Technical Reading
- Technical Reference
- TheCloud
- Vulnerability
Tags
ActiveDirectory
Active Directory
ActiveDirectoryAttack
ActiveDirectorySecurity
Active Directory Security
ADReading
ADSecurity
AD Security
DCSync
DEFCON
DomainController
EMET5
GoldenTicket
HyperV
Invoke-Mimikatz
KB3011780
KDC
Kerberos
KerberosHacking
KRBTGT
LAPS
LSASS
MCM
MicrosoftEMET
MicrosoftWindows
mimikatz
MS14068
PassTheHash
PowerShell
PowerShellCode
PowerShellHacking
PowerShellv5
PowerSploit
Presentation
Security
SIDHistory
SilverTicket
SneakyADPersistence
SPN
TGS
TGT
Windows10
WindowsServer2008R2
WindowsServer2012
WindowsServer2012R2