YoVDO

I Am AD FS and So Can You - Attacking Active Directory Federated Services

Offered By: WEareTROOPERS via YouTube

Tags

TROOPERS Courses Cybersecurity Courses Offensive Security Courses Key Derivation Courses

Course Description

Overview

Explore the intricacies of Active Directory Federated Services (AD FS) and its potential vulnerabilities in this comprehensive conference talk. Delve into the building blocks of AD FS, including claims pipelines, security tokens, and assertions. Learn about identity providers, adapters, and techniques for locating AD FS proxies. Discover methods to target weak links and adapt attack strategies. Gain insights into the Windows Internal Database (WID) and techniques for locating and decrypting sensitive information. Examine tools like ADFSDump and ADFSpoof, and understand their implications. Conclude with best practices for mitigation and appropriate incident response strategies to enhance AD FS security.

Syllabus

Intro
Roadmap
Doug Bienstock - @doughsec
Austin Baker - @bakedsec
Active Directory Federated Services
Building Blocks - Claims Pipeline
Building Blocks - Security Tokens
Building Blocks - claims to assertions
Building blocks - the RP
Identity Providers and Adapters
Finding AD FS Proxies
Target the Weak Links
Adapt or die
Windows Internal Database (WID)
Locating the goods
Decrypting the SigningToken
Key Derivation
Key Decryption
ADFSDump
ADFSpoof
Best Practices and Mitigations
Responding Appropriately


Taught by

WEareTROOPERS

Related Courses

Security Principles
(ISC)² via Coursera
A Strategic Approach to Cybersecurity
University of Maryland, College Park via Coursera
FinTech for Finance and Business Leaders
ACCA via edX
Access Control Concepts
(ISC)² via Coursera
Access Controls
(ISC)² via Coursera