Attacking and Defending Active Directory: Advanced Edition [TBD 2023]

The advanced course Attacking and Defending Active Directory: Advanced Edition [TBD 2023] is designed to help security professionals understand, analyze and practice threats and attacks in an Active Directory environment with servers. In addition to learning the common tactics, techniques and procedures (TTPs), you will also see how they change for attacks across Active Directory trusts. You will also learn how to abuse or bypass Windows defenses such as Advanced Threat Analytics, Local Administrator Password Solution (LAPS), Just Enough Administration (JEA), Resource-based Constrained Delegation (RBCD), Windows Defender Application Control (WDAC), Application.

Size: 3.44 GB

Price: 599$
Format: Video + Lab PDF + Tools
Publisher: Pentester Academy

What You’ll Learn

This advanced bootcamp is designed to help security professionals understand, analyze and practice threats and attacks in a modern, multi-forest Active Directory environment with fully patched Server 2019 machines.

In addition to learning the popular tactics, techniques and procedures (TTPs), you will also see how they change for attacks across forest trusts. You will also learn how to abuse or bypass modern Windows defenses like Advanced Threat Analytics, Local Administrator Password Solution (LAPS), Just Enough Administration (JEA), Resource-Based Constrained Delegation (RBCD), Windows Defender Application Control (WDAC), Application Whitelisting (AWL), Constrained Language Mode (CLM), virtualization and more.

Bootcamp Syllabus

The course is split into four modules across four weeks:

Module I:
Introduction to Active Directory, attack methodology and tradecraft

Domain Enumeration (Attacks and Defense)

Enumerating information that would be useful in attacks while leaving a minimal footprint on the endpoints

Understand and practice what properties and information to look for when preparing attack paths to avoid detection

Enumerate trust relationships within and across forests to map cross trust attack paths

Learn and practice escalating to local administrator privileges in the domain by abusing OU Delegation, Restricted Groups, LAPS, Nested group membership and hunting for privileges using remote access protocols

Credential Replay Attacks


Module II:
Abusing on-prem MS Exchange for privilege escalation and extracting emails and sensitive information from mailboxes

Evading application whitelisting (WDAC)

Domain Privilege Escalation by abusing Unconstrained Delegation: understand how unconstrained delegation is useful in compromising multiple high privilege servers and users in AD

Abusing Constrained Delegation for Domain Privilege Escalation by impersonating high privilege accounts

Using ACL permissions to abuse Resource-based Constrained Delegation

Domain Persistence Techniques


Module III:
Advanced Cross Domain attacks. Learn and practice attacks that allow escalation from Domain Admins to Enterprise Admins by abusing MS Products and delegation issues

Lateral movement from on-prem to Azure AD by attacking Hybrid Identity infrastructure

Advanced Cross Forest attacks. Execute attacks like abuse of Kerberoast, SID Filtering misconfigurations etc. across forest trusts and understand the nuances of such attacks


Module IV:
Abusing SQL Server for cross forest attacks

More on advanced Cross Forest attacks like abuse of Foreign Security Principals, ACLs etc.

Abusing PAM trust and shadow security principals to execute attacks against a managed forest

Detections and Defenses (Red Forest, JEA, PAW, LAPS, Selective Auth, Deception, App Whitelisting, ATA, Tiered Administration)

Bypassing defenses like Advanced Threat Analytics, Protected Users Group, WDAC etc.

