Join us for 2 days Forensics lab training with an att@כk3r's Mindset!
We will go through from basic attacks to advanced scenarios: From the common vectors and how to detect & respond, up to migitating adversary persistence, as well as backdoors revealing.
We will also cover how to get information on what happened in your AD domains in case very little is available, e.g. logs wiped/encrypted, DCs offline etc.
- Introduction to AD security architecture, flaws & undocumented gaps
- Understanding common AD attacks & attack paths
- Discovering a set of recon / lateral movement / privilege escalations
- Hands on labs of selected topic
- Enumerating actual privileges for domain users
- Detecting Reconnaissance using LDAP Performance events
- Hunting for Pass-The-Hash & golden ticket attempts
- Preventing Lateral Movement using LogonWorkstations
- Track back changes in AD objects
This training will be held by Yossi Sassi. Yossi is a InfoSec researcher & friendly hacker. Sassi has accumulated extensive experience in information security for ~30 years, in Red-Blue team assessments, conducting DF/IR investigations and more, including Fortune100 accounts.
Ex-member of Javelin Networks, a unique defense solution for Active Directory (acquired by Symantec). Worked for Microsoft 8 years as Technology Group Manager and coded support tools for Windows Server. Sassi spoke at TED and TEDx events, and was awarded 4 Peace and friendship awards.
If you are using AD - we promise that you should not miss this training!