Review Active Directory attacks for Red and Blue Teams training

By Cornelis de Plaa – April 2018

A few weeks ago I had the opportunity to attend the "Active Directory attacks for Red and Blue Teams" training led by Nikhil Mittal. Together with @_RastaMouse, I was asked by Nikhil to help and assist the students with the exercises and hands-on work during the training.

Here is my experience and short review on the training.

Location of the training
The training was held in the Novotel Hotel within the centre of Ghent in Belgium and hosted by the awesome BruCON crew, who absolutely did a great job in making it the perfect venue.
Because of the beautiful weather during the week and the perfect location within the city centre, we could go out after the training and enjoy sitting on the terraces, eating good food and drinking Belgian beers :)

What was this training all about
This training was about learning how to attack a modern Active Directory environment using built-in tools within the OS like PowerShell, trusted OS resources, e.g. LOLBins (Living off the Land Binaries or scripts), and of course Mimikatz. A lot of countermeasures were also discussed during the training, so people focussing on blue team operations were also served.

Training content
The course was split into three days of training and started the first day with an introduction to Active Directory, PowerShell and Active Directory trusts. During the day we got into local and domain privilege escalation, and after each topic there was time to practise everything learned within the lab environment.
The second day was about Kerberos attacks and defence, trusts and delegation, and again practice within the lab.
On the last day we got into Active Directory ACL abuse, persistence, detecting attacks and defence bypasses. There was also time for me and RastaMouse to give a short presentation about LAPS (Local Administrator Password Solution) and a tool I wrote called p0wnedshell. We ended the last day with attacks on MS-SQL servers within an Active Directory Domain/Trust.

The lab environment
Nikhil did a great job in building a realistic lab environment, which we could use to practise everything learned during the training. To access the lab environment we used OpenVPN, which worked very solidly, also because the BruCON crew did a great job in setting up the network infra within the class. Every student also has a month of lab access after the training, so there is enough time to rehearse all the exercises.

Conclusion and shoutout
I was very delighted to be invited by Nikhil for this awesome training.
Although I have some experience in managing and attacking Active Directory environments, I was still able to learn a lot of new stuff which will be very useful within my day-to-day job as an Ethical Hacker and Advisor. During the week I also met some really nice people, so all in all it was a great experience. I can definitely recommend this training to anyone who wants to boost/sharpen his or her Active Directory Red/Blue teaming skills.

A big shout-out to Nikhil Mittal, @_RastaMouse, the BruCON crew and all the students and other awesome people I've met during the course.













