Active Directory Abuse Primitives and Operation Security

Explore advanced Active Directory (AD) attack techniques and operational security in this comprehensive conference talk from Hack In The Box Security Conference. Delve into the world of AD abuse primitives and learn how adversaries chain these techniques to form attack paths that compromise entire enterprise networks. Examine four real-world attack paths, including new abuse primitives such as diamond tickets, U2U tickets, and Shadow Credentials. Gain insights into the methodology behind successful AD attacks, including enumeration, tactical considerations, and evasion of blue team detection. Watch video demonstrations from an adversary's perspective using a Command and Control (C2) framework for a realistic offensive operation experience. Understand the root causes, implementation methods, and operational guidance for each attack path, enhancing your knowledge of AD security vulnerabilities and defense strategies.

#HITB2023AMS D2T2 - Active Directory Abuse Primitives And Operation Security - M. Cheng & D. Chen