Exploiting Windows Group Policy for Reconnaissance and Attack

Explore the vulnerabilities and attack vectors associated with Windows Group Policy in this comprehensive BSidesLV conference talk. Delve into the structure of Group Policy, including the GPC and GPT components, and understand how targeting mechanisms work. Discover the potential for reconnaissance and various attack paths, such as GPO settings manipulation, external path exploitation, GPT redirection, administrative template abuse, and Starter GPO misuse. Learn about essential tools for reconnaissance and gain insights into effective Group Policy defense strategies. Enhance your knowledge of Windows security by understanding how to harden systems against these attack vectors.

Intro
About Me
What Is Windows Group Policy
Group Policy Structure Explored the GPC
Group Policy Structure Explored.- the GPT
Group Policy Targeting Explained
Why is Group Policy Useful for Reconnaissance?
Tools for Reconnaissance
Attack Path: GPO Settings
Attack Path: External Paths
Attack Path: GPT Redirection
Attack Path: Administrative Template Abuse
Attack Path: Starter GPO Abuse
Group Policy Defense
Hardening Against Attack