STEALING THE CROWN - RED TEAMING ACTIVE DIRECTORY ENVIRONMENTS 

Overview

As if 2 days weren't enough, this year we decided to raise the bet: 4 days of pure hacking, with new content, more depth, more techniques, more exercises, more labs, more fun!

In this training we will explain current techniques, tactics and procedures to infiltrate networks, maintain persistence and escalate to reach targets in Active Directory infrastructures.

For those dedicated to pentesting who want to approach red teaming, it will teach the tactics, techniques and procedures (TTPs) used by real attackers.

For those who are dedicated to defense, it will help understand how the attacks work to devise and strengthen the defense of their infrastructure (knowing the enemy).

In our opinion, one of the best ways to make successful attacks is to understand how the targets work, what tools are available and which we can create or customize to take advantage of system weaknesses and functionalities. This is why the concepts necessary to understand the operation of the techniques and attacks will be explained, and then applied and seen in action in a controlled laboratory environment. This approach will allow you to understand what is happening, regardless of what tool you are using.

The training starts from a compromised host and proceeds until full control of the Active Directory infrastructure is obtained.

"He who can modify his tactics in relation to his opponent and thereby succeed in winning, may be called a heaven-born captain." - Sun Tzu




Course Outline

 

  • General concepts

  • Introduction to OS architecture

  • Active Directory Kill chain

  • Initial compromise

  • Payload creation

  • Local persistence

  • Local reconnaissance

  • Local credential compromise

  • Privilege escalation

  • Network and domain discovery

  • Remote execution and lateral movement

  • ACL exploitation

  • Kerberos attacks

  • Persistence in Active Directory 


Pre-requisites                 

  • Knowledge of Windows Servers management

  • Knowledge of Active Directory

  • Knowledge of Group Policy Objects management

  • Knowledge of virtualization tools (VMWare)


What Students Should Bring
                   


  • Laptop with i5 or higher processor (or equivalent)

  • Virtualization compatibility (Intel VT or AMD-V)

  • 8 GB RAM or higher                     

  • 40 GB of free disk space




Spanish

4 days

September 20, 21, 22 and 23

ONLINE

Cost

Up to 31/08 

USD 2500

Questions?

Email us at capacitacion@ekoparty.org


Instructor


Javier Antunez.  Since 1999, he has worked in the Information Security area, where he has served as Administrator, Auditor and Analyst, and as an independent consultant for top-level companies.

He has a degree in Systems from the University of Morón, CISSP (Certified Information Systems Security Professional) and Lead Auditor in ISO / IEC 27001 from TÜV Rheinland. He is a graduate of the Security Management Program of the Argentine Chapter of ASIS (American Society for Industrial Security).


He has experience in network security analysis and design, security reviews in operating systems and networks, penetration testing, development of security policies and standards, public key infrastructure, firewall management, implementation and support of encryption tools, risk analysis, training and awareness programs. He also actively participates in web application development and infrastructure projects based on SOA and control automation.

He has worked as an instructor in computer security training courses for top-level companies, and has given seminars and conferences on Biometrics, Secure Web Application Development, Cryptography, Windows Security and ISO / IEC 27001 and 27002, among others.

He was a founding partner of the Argentine chapter of ISSA (Information Systems Security Association), where he served successively as Vice-president, President and Secretary, and is now President again. He was part of the Argentine Council of Information Security (CASI) and the Argentine chapter of ISC2.

Instructor


Diego Bruno. He has been in the field of computer security for 10 years and has achieved several international certifications throughout his career, such as CCNA (Certified Cisco Network Associate), MCSA (Microsoft Certified System Administrator), AS | PT (Attack-Secure Penetration Tester), CEHv7 (EC-Council Certified Ethical Hacker) and ISO 27001:2013 Lead Auditor.


He has extensive real-world experience in network security analysis and design, security reviews in operating systems and networks, penetration testing and Vulnerability Assessments (VA), development of security policies and standards, public key infrastructure, firewall management, implementation and support of encryption tools, risk analysis, training and awareness programs.

He has worked both as a consultant and as an architect and security analyst in leading companies such as Visa, Citibank, HSBC, Emepa, Scania, Claro, Telefónica and several others.

He has worked as an instructor in computer security training courses for top-level companies, and has given seminars and conferences on hardening of Windows platforms, cryptography, ethical hacking, security in virtualized environments and the ISO / IEC 27000 family of standards at recognized local and international conferences such as RiseCon, 8.8, etc.

Currently, he can be found at his personal blog www.blackmantisecurity.com.