Scan Pwn Next! - Exploiting Service Accounts in Windows

Explore the vulnerabilities and exploitation techniques associated with service accounts in Windows networks in this 46-minute conference talk from BSidesSF 2016. Delve into the common mismanagement issues of service accounts, including over-privileging, dual-use, and omnipresent credentials. Discover how attackers can leverage Service Principal Names (SPNs) to identify and target vulnerable services. Gain insights from new research on service account exposure in real-world networks and learn about exploitation techniques. Acquire knowledge about an open-source tool for detecting potentially vulnerable service accounts in Windows environments. Understand how targeted behavioral analytics can be employed to detect potential abuse of service accounts. Equip yourself with the knowledge and tools to test and secure your own networks against service account exploitation.

BSidesSF 2016 - Scan Pwn Next! – exploiting service accounts in Windows (Andrey Dulkin, Matan Hart)