I Am AD FS and So Can You - Attacking Active Directory Federated Services
Offered By: WEareTROOPERS via YouTube
Course Description
Overview
Explore the intricacies of Active Directory Federated Services (AD FS) and its potential vulnerabilities in this comprehensive conference talk. Delve into the building blocks of AD FS, including claims pipelines, security tokens, and assertions. Learn about identity providers, adapters, and techniques for locating AD FS proxies. Discover methods to target weak links and adapt attack strategies. Gain insights into the Windows Internal Database (WID) and techniques for locating and decrypting sensitive information. Examine tools like ADFSDump and ADFSpoof, and understand their implications. Conclude with best practices for mitigation and appropriate incident response strategies to enhance AD FS security.
Syllabus
Intro
Roadmap
Doug Bienstock - @doughsec
Austin Baker - @bakedsec
Active Directory Federated Services
Building Blocks - Claims Pipeline
Building Blocks - Security Tokens
Building Blocks - claims to assertions
Building blocks - the RP
Identity Providers and Adapters
Finding AD FS Proxies
Target the Weak Links
Adapt or die
Windows Internal Database (WID)
Locating the goods
Decrypting the SigningToken
Key Derivation
Key Decryption
ADFSDump
ADFSpoof
Best Practices and Mitigations
Responding Appropriately
Taught by
WEareTROOPERS
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network