Offensive Active Directory with PowerShell

Explore offensive Active Directory techniques using PowerShell in this 50-minute conference talk. Dive into the world of PowerShell and Active Directory, understanding their significance in cybersecurity. Learn about PowerView, pipeline operations, and user hunting techniques. Discover methods for identifying stealth users, enumerating local admins and groups, and exploiting Group Policy Objects (GPOs). Gain insights into Active Directory Access Control Lists (ACLs), domain trusts, and advanced attack techniques like Golden Tickets and Kerberos exploitation. Acquire valuable cheat sheets and engage in a Q&A session to enhance your understanding of offensive Active Directory strategies.

Introduction
Agenda
Why PowerShell
What is Active Directory
Why not use PowerShell
PowerView
Pipeline
Identifying and Hunting
Powershell Commandments
VOC User Hunter
Stealth User
Raw Data
Local Admin Enumeration
Local Group Enumeration
Process
GPO Abuse
Group Policy Preferences
Get GPP Password
Get Organizational Units
Group Policy Objects
Fine GPO Location
Active Directory CL
Active Directory ACL
Invoke ACL Scanner
Admin SD Holder
Downgrades
Power View
Domain Trust
Why Trust Matters
Trust Enumeration
Trust Mesh
Map Domain Trust
Domain Trust Explorer
CID histories
Golden Tickets
Kerberos
Trustpocalypse
Cheat Sheets
Credits
Questions