Not Your Grandfather’s Empire I’ve wanted to put this blog together since returning home from DEFCON. Anytime we ran into someone who recognized our swag, they mentioned how much they loved Empire back in the day and didn’t realize it was being actively maintained. This made me reflect on all [...]
| Date | April 10, 2025 H 08:00 |
|---|---|
| End | April 11, 2025 H 17:00 |
| Location | In-Person & Virtual |
| Address | TREX Coworking Space, 911 Washington Ave #500, St. Louis, MO 63101 |
Click here to add this event to your google calendar
Are you ready to become an expert at attacking Active Directory? This training course covers various aspects of Active Directory and how to attack it. Students will learn about network poisoning and authentication protocols in Windows networks, the different kinds of Windows credential types, and how to use them. Students will also learn common attacks on NTLM and Kerberos, such as NTLM relay attacks, delegation attacks, and creating forged tickets. Students will become familiar with identifying and exploiting common Active Directory misconfigurations with tools like Bloodhound, Rubeus, Impacket, and Mimikatz. Students will have the opportunity to conduct attacks from both Windows and Linux operating systems and learn the nuances between each platform for performing attacks. Students will learn where credentials are stored on a Windows systems and how to extract credentials from LSASS, DPAPI, SAM, LSA, and the Kerberos ticket cache. Students will learn about the different domain trusts and how to perform multi-domain compromises. Finally, students will put all their skills to the test in a course lab that contains multiple attackable domain-joined Windows systems.
