In the last few years, attack techniques which fall in the categories of “Credential Theft” or “Credential Reuse” have grown into one of the biggest threats to Microsoft Windows environments. Microsoft has stated more than one time, that nearly almost all of their customers that run Active Directory have experienced “Pass-the-Hash” (PtH) attacks recently.[1] Once an attacker gains an initial foothold on a single system in the environment it takes often less than 48 hours until the entire Active Directory infrastructure is compromised. To defend against this kind of attacks, a well-planned approach is required as part of a comprehensive security architecture and operations program. As breach has to be assumed[2], this includes a preventative mitigating control strategy, where technical and organizational controls are implemented, as well as preparations against insider attacks. This is mainly achieved by partitioning the credential flow in order to firstly limit their exposure and secondly limit their usefulness if an attacker was able to get them. Although we spoke last year at Troopers 15 about “How to Efficiently Protect Active Directory from Credential Theft & Large Scale Compromise”[3], we would like to summarize exemplary later in this post Active Directory pentest findings that we classified in four categories in order to better understand what goes typically wrong and thus has to be addressed. For a better understanding of the overall security goals, we classified the findings as to belonging as a security best practice violation of the following categories: Continue reading “TROOPERS16 Training Teaser: Dos and Don’ts of Secure Active Directory Administration”
Continue readingTag: TROOPERS
Web Hacking Special Ops Workshop @ TR16
Trooper!
You passed Hacking 1on1 with flying colors?
You evade web application firewalls as they would be opened doors?
You have successfully exploitated CVE-2015-8769?
Then it’s time for the next challenge! Follow us down the rabbit hole to the not so well known attacks against modern web applications.
Continue reading “Web Hacking Special Ops Workshop @ TR16”
Hacking 101 Training at TROOPERS16
This year’s Hacking 101 workshop at TROOPERS16 will give attendees an insight into the hacking techniques required for penetration testing. These techniques will cover various topics like information gathering, network mapping, vulnerability scanning, web application hacking, low-level exploitation and more.
During this workshop you will learn, step by step, a testing methodology that is applicable to the majority of scenarios. So imagine you have to assess the security of a system running on the Internet. How would you start? First, you need a good understanding about the target, including running services or related systems. Just scanning an IP will most likely not reveal a lot of information about the system. The gathered information may help you to identify communication relations of services that could include vulnerabilities. A brief understanding of the target and it’s related systems/services/applications will make scanning and identifying vulnerabilities a lot easier and more effective. Then, the last step will be the exploitation of the identified vulnerabilities, with the ultimate aim to get access to the target system and pivot to other, probably internal, systems and resources.
So if you are interested in learning these techniques and methodologies, join us at the TROOPERS16 Hacking 101 training! Attendees should have a brief understanding of TCP/IP networking and should be familiar with command lines on Linux systems. Also, being familiar with a programming/scripting language is considered useful.
Continue reading
TelcoSecDay – First Round of Talks
Dear all,
This year the TelcoSecDay will take place on March 15th. For those of you who does not know about: the TelcoSecDay it is a sub-event of Troopers bringing together researchers, vendors and practitioners from the telecommunication / mobile security field.
Continue reading “TelcoSecDay – First Round of Talks”
5th Round of TROOPERS16 Talks Accepted
Happy 2016 everyone! We are exactly 2 months away from the start of TROOPERS16!! Speakers and Trainers across the globe are polishing (or in some cases creating) their PowerPoints to use while delivering their highly technical and entertaining talks. While we here at TR HQ are busy tweaking orders, creating challenges to boggle the mind and test your skills, and of course working on some top secret fun. 😉
#BestWeekEver
Your TROOPERS Team
Continue reading “5th Round of TROOPERS16 Talks Accepted”
Continue reading#TR16 IPv6 Security Summit – New Talks Added
In the interim we’ve worked on the agenda of next year’s IPv6 Security Summit (for those not familiar with the event, here’s the 2015 edition and here the one of 2014), and some new talks have been added.
Continue reading “#TR16 IPv6 Security Summit – New Talks Added”
Continue reading4th Round of TROOPERS16 Talks Accepted
As we come to the end of the year we can’t help but take a moment to thank all of your who made TROOPERS15 special! It just makes us all the more pumped to kick it up a notch for TROOPERS16!! #BestWeekEver
Happy Holiday and much Joy to you in the New Year!
Your TROOPERS Team
Continue reading “4th Round of TROOPERS16 Talks Accepted”
Continue readingTeaser on the TROOPERS16 Incident Analysis Workshop: Analyzing the current Spam Flood
As we are giving another round of our Incident Analysis workshop at Troopers16, we wanted to give a little sample taste what you can expect.
Continue reading “Teaser on the TROOPERS16 Incident Analysis Workshop: Analyzing the current Spam Flood”
3rd Round of TROOPERS16 Talks Accepted
Here at TROOPERS HQ we are well into the Holiday (read TROOPERS) Spirit so we thought we would publish another round of talks! The current agenda can be found here.
Happy Holidays!
Your TROOPERS Team
Continue reading “3rd Round of TROOPERS16 Talks Accepted”
Continue reading2nd Rounds of TROOPERS16 Talks
Here’s the second round of TROOPERS16 talks. For more information check out our website: TROOPERS
Happy Holidays and all the best for 2016 to everybody!
Your TROOPERS Team Continue reading “2nd Rounds of TROOPERS16 Talks”
Continue reading