What is this Class about?
Enterprises are managed using Active Directory (AD) and often form the backbone of the complete enterprise network. Therefore, to secure an enterprise from an adversary, it is inevitable to secure its Active Directory Environment. To secure AD, you must understand different techniques and attacks used by adversaries against it. Often burdened with maintaining backward compatibility and interoperability with a variety of products, AD environments lack ability to tackle latest threats.
This training is aimed towards attacking Modern Active Directory Environment using built-in tools like PowerShell and other trusted OS resources. The training is based on real world penetration tests and Red Team engagements for highly secured environments.
The course is a mixture of demonstrations, exercises, hands-on and lecture. You start from compromise of a user desktop and work your way up to complete forest pwnage. The training focuses more on methodology and techniques than tools. This training aims to change how you test an Active Directory Environment.
What will you learn?
The detailed syllabus can be downloaded here.
In this class you will learn:
- Basics of PowerShell and its usage with AD
- Importance of the Assume Breach approach
- Enumeration of AD using built-in tools
- Trust and Privileges Mapping
- Token Impersonation and Replay
- Various credential replay methods
- Privilege Escalation from a non-admin domain user to Enterprise Administrator
- Persistence techniques in AD
- Detecting and Protecting against AD attacks and persistence techniques
- Deceptions and Decoys to trap attackers
- ... a ton of other interesting topics!
We would encourage you to download and view the full course syllabus above.
Over 80% of class time will be spent on practical hands-on exercises and labs. We teach how to secure by first showing you how to break the same technology :) We guarantee that you will enjoy this unique break-it-n-secure-it learning experience!
Who should attend this class?
This class will be useful to developers & testers, penetration testers, security researchers and to anyone with an interest in learning how hackers break technology and how you can safeguard against it.
Who are we?
Pentester Academy has trained thousands of professionals from over 90+ countries online. We are one of the only training companies in the Bay Area with core focus in IT Security and expertise in penetration testing, network, web, mobile & wi-fi security, Internet of Things security, Windows & Linux Forensics, Incident Response etc. You can reach us at email@example.com for any questions.
All our trainers are well respected experts in their fields and have been speakers/trainers at top security and hacker conferences such as BlackHat USA and DEFCON. Many of them are also successful Book Authors and product/open source Security Tool Creators! All our course content is the original creation of our trainers and the Pentester Academy team.