Finding Our Path - How We're Trying to Improve Active Directory Security

Explore a comprehensive Black Hat conference talk on enhancing Active Directory security. Discover success stories, lessons learned, and methodologies for identifying and mitigating risks associated with user behaviors and configurations. Learn how to significantly improve your organization's Active Directory security posture within weeks, regardless of network size. Gain insights into enumerating and understanding security risks, and walk away with practical strategies for implementation. Delve into topics such as BloodHound, Kerberos delegation, DC Sync, privilege analysis, and attack path identification. Understand the complexities of Active Directory security and acquire the knowledge to effectively analyze and secure your network infrastructure.

Introduction
Welcome
Background
Prior Work
What is Bloodhound
Problem Solving
Two APIs
NetSession enum
NetLocalGroup enum
Matt Nelson
The New Way
Running Sharp Out
Bloodhound
Kerberos
Why is delegation needed
Resourcebased constrained delegation
Why does this matter
What does that mean in English
Bloodhound interface
Verify ACLs
DC Sync
What are we trying to do
John Lambert quote
Methodology
Objective
Privileges
Kerberos Sting
LowHanging Fruit
What about this
Objectives
Shortest Paths
All Attack Paths
Its extremely complicated
The shortest path
Analyzing all paths
Analyzing domain admins
Analyzing GPOs
Abusable ACLs
Inbound Object Control
Real Numbers
Whats Possible
Free and Open Source
Questions