Have you ever pen tested your Active Directory environment?
Hackers have known for a long time that Active Directory is a very rich source of metadata that can be used to accelerate the post-exploitation process.
Want to learn all the tools and tactics that they use to leverage AD in post-exploitation?
We'll explain how crackmapexec, PowerView, and a little graph theory can be used to ferret out vulnerabilities in your Active Directory environments before hackers find them.
- Crackmapexec and PowerView
- Getting Stuff Done With PowerView
- Chasing Power Users
- Graph Fun
- Admins and Graphs
- The Final Case
FAQ Frequently Asked Questions
Won't pen testing bring down my system?Nope! Some of the most interesting pen testing can be accomplished by passively gathering information. The more
you know about your environment — IP addresses, computer names, users and especially admin accounts,
as well as where sensitive content is likely to reside — the better position you’re in.
Do I need to hire a pen tester?Nope! Instead of bringing in pen testers, the internal IT groups can in theory do the analysis and risk reduction involving
Active Directive vulnerabilities. The goal for IT is to juggle Active Directory users and groups into a configuration
that greatly reduces the risk of hackers gaining user credentials and stealing valuable IP and consumer data
(credit card numbers and passwords).
This looks awesome but I don't have the bandwidth - can you help?Yes! A personalized risk assessment will help you discover where you’re vulnerable and highlight real security issues.