Skip to main content
back to List back
on this page

Active Directory attacks for Red and Blue Teams - Advanced Edition

See current trainings here
post-event
This training has been completed See current trainings here
Altered Security
Active Directory attacks for Red and Blue Teams - Advanced Edition
Beginner / Intermediate
2 Days
Sat 19 Nov - Sun 20 Nov
This training has been completed See current trainings here
Venue:

Holiday In Riyadh Meydan | IHG
Olaya - King Fahed Road, PO Box 18030, Riyadh, 11415, Kingdom of Saudi Arabia

Timings:
  • Registration starts at 8am
  • Training from 9am to 5pm
Topics:
  • Extensive AD Enumeration
  • Trust mapping and abuse 
  • Privilege Escalation
  • Advanced Kerberos Attacks
  • Advanced cross-forest trust abuse
  • Attacking Azure AD integration
  • Abusing trusts for MS products
  • Credentials Replay Attacks
  • Persistence
  • Defenses
  • Bypassing defenses
Overview

More than 95% of Fortune 500 companies use Active Directory! Enterprises are managed using Active Directory (AD) and it often forms the backbone of the complete network. To secure AD, you must understand different techniques and attacks used by adversaries against it. Often burdened with maintaining interoperability with a variety of products, AD lack ability to tackle latest threats.

The course is a mixture of fun, demos, exercises, hands-on and lecture. You start from compromise of a user desktop and work your way up to multiple forest pwnage. The training focuses more on methodology and techniques than tools. 

Attendees will get free one month access to an Active Directory environment comprising of multiple domains and forests, during and after the training. This training aims to change how you test an Active Directory Environment.

Students are required to bring their own laptop that meets the following specs

  • System with 4 GB RAM and ability to install OpenVPN client and RDP to Windows boxes.
  • Privileges to disable/change any antivirus or firewall.

What students will be provided with

  • Attendees will get free one month access to a lab configured like an Enterprise network, 
    during and after the training.
Who should take this course?
  • Red teamers and penetration testers who want to improve on their Active Directory attack skills should take this class. Blue teamers, AD administrators and security professionals who want to understand the approach and techniques of adversaries should take this class.
  • Also, students should have basic understanding of Active Directory security.