Speakers Tracks Workshops
Counter Child Sexual Exploitation

Contact

    (+91) 974-690-6654      |          Email :

Keynote / Chief Guest

Pinarayi Vijayan

Pinarayi Vijayan

Chief Minister

Kerala State

 

Rajeev Chandrasekhar

Rajeev Chandrasekhar

Union Minister of State for Electronics and Information Technology

Union Minister of State for Skill Development and Entrepreneurship.

Govt. of India

Admiral Radhakrishnan Hari Kumar

Admiral Radhakrishnan Hari Kumar

PVSM, AVSM, VSM, ADC

CHIEF OF NAVAL STAFF

Ministry of Defence, India

Active Directory: Purple Teaming - c0c0n Edition

WS-7  -   Active Directory: Purple Teaming - c0c0n Edition

  • Home
  • Workshops
  • Active Directory: Purple Teaming - c0c0n Edition

Active Directory: Purple Teaming - c0c0n Edition

  • 21 -22 Sep, 2022
  • 2 days
  • Grand Hyatt, Kochi, India
 Trainer

Prashant Mahajan

Director / corrupt , Payatu Technologies Pvt. Ltd

OBJECTIVE

Active Directory is one of the most popular and widely deployed directory services for centralised domain management. It is susceptible to a wide variety of attacks due to vulnerabilities, configuration weaknesses and its inherent architectural complexity. Many large enterprises adopt Active Directory based domain management practices and hence its security is of prime concern for enterprise administrators and security auditors. The participants will be taken to a journey of discovering, enumerating and exploiting various services in an Active Directory environment. Participants will start as an outsider in the domain environment with only network level access. Using a combination of recon, exploitation and post-exploitation techniques, the participants will be able to perform multi-staged attacks to finally obtain domain administrator privilege. At the same time understand the concepts of Purple Teaming, visibility & detection and tooling to identify the gaps.

COURSE CONTENT (ToC)

We will be taking a beginners approach to AD from the attackers perspective as well as defenders.

  • DAY 1 - Attack focused
    • → Discovering / Enumerating AD environments
    • → within an AD environment
    • → Post exploitation
    • → Lateral movement
    • → Domain pwnage
  • DAY 2 - Purple Teaming
    • → Auditing the AD security posture
    • → Setting up baseline security in AD
    • → Visibility into AD activities
    • → Detecting malicious activities
    • → Playbooks
PRE-REQUISITE
  • → Experience with vulnerability assessment and penetration testing.
  • → Basic knowledge of TCP/IP network protocol.
  • → Familiarity with virtualization software like VMware/VirtualBox
PARTICIPANTS REQUIREMENTS
  • → laptop with administrator privileges.
  • → Minimum 50 GB of free hard disk space.
  • → Minimum 4 GB RAM for virtual machines.
  • → Laptop should have an ethernet and WIFI capability.
  • → VM Player or VMWare Workstation installed.
DURATION

2 days

WHO SHOULD ATTEND

Beginners/Intermediate

WHAT TO EXPECT

A live Active Directory environment to perform various attacks for gaining domain administrator privilege and operationalize the Purple Team.

WHAT NOT TO EXPECT

AzureAD or hybrid environments would not be covered in this workshop

Trainer
Prashant Mahajan
Prashant Mahajan
Director / corrupt

Payatu Technologies Pvt. Ltd


Prashant Mahajan is a Director at Payatu Australia Pty Ltd. He has over a decade of experience with various aspects of Information Security including penetration testing, vulnerability analysis, digital forensics, and incident response. He is also a developer of open-source tools such as ADRecon (https://github.com/adrecon/ADRecon) and AzureADRecon (https://github.com/adrecon/AzureADRecon), a founder member of Null - The Open Security Community (https://null.community) and a frequent speaker at industry events and training.


Footer

c0c0n XV
Contact

Copyrights © 2022 All Rights Reserved by c0c0n