{"id":2987,"date":"2016-08-04T16:00:35","date_gmt":"2016-08-04T20:00:35","guid":{"rendered":"https:\/\/adsecurity.org\/?p=2987"},"modified":"2016-08-03T21:56:10","modified_gmt":"2016-08-04T01:56:10","slug":"def-con-24-2016-talk-beyond-the-mcse-red-teaming-active-directory-presentation-slides-posted","status":"publish","type":"post","link":"https:\/\/adsecurity.org\/?p=2987","title":{"rendered":"DEF CON 24 (2016) Talk &#8220;Beyond the MCSE: Red Teaming Active Directory&#8221; Presentation Slides Posted"},"content":{"rendered":"<p>On Thursday, August 4th, I presented &#8220;<a href=\"https:\/\/adsecurity.org\/?p=2910\">Beyond the MCSE: Red Teaming Active Directory<\/a>&#8221; at <a href=\"https:\/\/defcon.org\/html\/defcon-24\/dc-24-speakers.html#Metcalf\">DEF CON 24 (2016).<\/a><\/p>\n<p>Here are the slides for this talk:\u00a0 <a href=\"https:\/\/adsecurity.org\/wp-content\/uploads\/2016\/08\/DEFCON24-2016-Metcalf-BeyondTheMCSE-RedTeamingActiveDirectory.pdf\">DEFCON24-2016-Metcalf-BeyondTheMCSE-RedTeamingActiveDirectory<\/a><\/p>\n<p>Here\u2019s <a href=\"https:\/\/defcon.org\/html\/defcon-24\/dc-24-speakers.html#Metcalf\">my talk description from the DEF CON website<\/a>:<\/p>\n<blockquote><p>Active Directory (AD) is leveraged by 95% of the Fortune 1000 companies for its directory, authentication, and management capabilities, so why do red teams barely scratch the surface when it comes to leveraging the data it contains? This talk skips over the standard intro to Active Directory fluff and dives right into the compelling offensive information useful to a Red Teamer, such as quickly identifying target systems and accounts. AD can yield a wealth of information if you know the right questions to ask. This presentation ventures into areas many didn\u2019t know existed and leverages capability to quietly identify interesting accounts &amp; systems, identify organizations the target company does business with regularly, build target lists without making a sound, abuse misconfigurations\/existing trusts, and quickly discover the most interesting shares and their location. PowerShell examples and AD defense evasion techniques are provided throughout the talk.<\/p>\n<p>Let\u2019s go beyond the MCSE and take a different perspective on the standard AD recon and attack tactics.<\/p><\/blockquote>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On Thursday, August 4th, I presented &#8220;Beyond the MCSE: Red Teaming Active Directory&#8221; at DEF CON 24 (2016). Here are the slides for this talk:\u00a0 DEFCON24-2016-Metcalf-BeyondTheMCSE-RedTeamingActiveDirectory Here\u2019s my talk description from the DEF CON website: Active Directory (AD) is leveraged by 95% of the Fortune 1000 companies for its directory, authentication, and management capabilities, so &hellip; <\/p>\n<p><a class=\"more-link btn\" href=\"https:\/\/adsecurity.org\/?p=2987\">Continue reading<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[565,11,234],"tags":[993,976,973,987,991,992],"class_list":["post-2987","post","type-post","status-publish","format-standard","hentry","category-activedirectorysecurity","category-microsoft-security","category-security-conference-presentationvideo","tag-993","tag-active-directory-security","tag-defcon24","tag-mcse","tag-presentation-slides","tag-red-teaming-active-directory","item-wrap"],"_links":{"self":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts\/2987","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2987"}],"version-history":[{"count":1,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts\/2987\/revisions"}],"predecessor-version":[{"id":2988,"href":"https:\/\/adsecurity.org\/index.php?rest_route=\/wp\/v2\/posts\/2987\/revisions\/2988"}],"wp:attachment":[{"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2987"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2987"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/adsecurity.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2987"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}