My Quest for Privileged Identity to Own Your Domain

Offered By: BSidesLV via YouTube

Tags

Security BSides Courses, Cybersecurity Courses, Active Directory Courses, Intrusion Detection Courses, Kerberos Courses, Password Security Courses, AES Encryption Courses

Course Description

Overview

Explore the intricacies of Active Directory vulnerabilities and advanced attack techniques in this comprehensive BSidesLV conference talk. Delve into privileged identity exploitation, examining various methods including Group Policy Preferences, NTLM authentication, and Kerberos attacks. Learn about internal reconnaissance tools like Bloodhound, and understand the mechanics behind Golden and Silver Ticket attacks. Discover mitigation strategies, including the principle of least privilege, separation of duties, and multifactor authentication. Gain insights into detecting and preventing intrusions, securing SMB authentication, and implementing adaptive enforcement measures. This in-depth presentation equips security professionals with the knowledge to identify, exploit, and defend against sophisticated Active Directory attacks in modern enterprise environments.

Syllabus

Introduction
Active Directory vulnerabilities
Story time
Kill chain
Detective
Intrusions
Group Policy Preferences
AES Encryption Key
Mitigation
Internal Reconnaissance
LDAP Global Catalog
Bloodhound
Bloodhound Demo
Intelligence Gathering
Reconnaissance
NTLM
Windows 10 workaround
Custom SSP
NTDS
KDC
Registry Keys
Backups
Hashes
SMB authentication
HTML image tag
Custom forms
Mitigation for stealing hashes
LLM in our
Attack
Disable
SMB Signing
SMB Relay Attack
Enable SMB Signing
Kerberos
Kerberos in Active Directory
High Privileged Users
Golden Ticket
Instructions
The Golden Ticket
SPN
Active Directory
TGS Ticket
Silver Ticket
NIST
Seed History
Known Seats
Injection Attack
Shadow Attack
Shadow Mitigation
Replicating Directory
Domain Controller
Replication
The common denominator
Kerberos is more secure
Stolen credentials
Password guidelines
The principle of least privilege
Separation of privilege
Multifactor authentication
Adaptive enforcement
Aggregate attack service
Summary


Taught by

BSidesLV
