On This Page


Tactics, Techniques and Procedures to Attack Active Directory

Led by: SpecterOps
Date: Friday, March 29, 2019
Time: 10:00am-12:30pm & 1:30pm-4:00pm
Location: Peony Junior 4511
Pass Types: Open to All


Every day, organizations are breached in order to steal data, deploy ransomware, and cause damage to their targets. Some are specifically targeted, while others are victims of opportunity. Some targets handle sensitive state secrets, while others handle large volumes of financial transactions. Regardless of size, industry, or sensitivity, one thing most organizations have in common is their use of Active Directory for centralized management and authentication.

Often, Active Directory installations have been in place so long and become so integral to the organization, that security misconfigurations are rampant. This makes Active Directory-based attacks a prevalent method that advanced adversaries use to gain control and steal data once they have established initial access within an organization. However, security professionals at many organizations do not know how their Active Directory implementations may be used against them

In this workshop, SpecterOps will teach you the Tactics, Techniques and Procedures (TTPs) used by adversaries to attack Active Directory in real-world breaches. Leveraging Bloodhound, an open-source Active Directory security analysis tool, we will discuss and demonstrate how an adversary can find common, abusable misconfigurations, followed by participants getting hands-on experience with analyzing a representative enterprise environment for these attacks. From Kerberoast to DCSync, from PsExec to WMI, learn and practice techniques covering credential theft, lateral movement, persistence, and situational awareness.

Attendee Requirements

Students must bring their own laptop capable of connecting to a Wi-Fi network. Students will use a web-browser to connect to our lab environment, no virtualization software is required. Students may use any operating system with a browser capable of rendering HTML5.

*Seating will be based on a first come, first-served, drop-in basis and is open to all pass types.