Forging Trusts for Deception in Active Directory

Feedback form is now closed.

Using Deception for defence in Active Directory is very fruitful. It makes it possible to target multiple phases of an adversary’s attack methodology. While attacking an enterprise network, adversaries generally enumerate the AD trusts. It is important for them to map the relationships and trusts between domains and forests as it helps in lateral movement and post exploitation.

This talk discusses forging and implanting computers, domain and forest objects in an AD environment. Such objects target the attacker mind-set and methodology by providing easy yet high value targets. We will see how this deception technique traps an adversary across an enterprise attack cycle.

Open source scripts for deployment of discussed techniques will also be discussed during the talk. The talk will be full of live demonstrations.

Speakers

Nikhil Mittal

Nikhil Mittal is a hacker, infosec researcher, speaker and enthusiast. His area of interest includes red teaming, active directory, attack research, defense strategies and post exploitation research. He has 9+ years of experience in red teaming. He specializes in assessing security... Read More →

Thursday October 4, 2018 15:00 - 16:00 CEST
01. Westvleteren University

Talk

Attendees (70)

P
D
C
J
A
A
Z
N
View All →

BruCON 0x0A

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Nikhil Mittal

Attendees (70)