Attacking and Defending Active Directory: Advanced Edition
Mar 20 - 10
Build expertise in attacking and defending real-world enterprise Active Directory environments. Identify and analyze threats and practice attacks against a modern multi-forest Active Directory environment.
Why INE Bootcamps?
We know that even the most active learners benefit from having direct access to instructors. We designed INE Bootcamps so that you will have the opportunity to learn the latest and greatest techniques, while having the opportunity to ask your own, personal questions.
Buy bootcamp
With offerings from both INE and Pentester Academy, take advantage of the opportunity to dig deeper into existing INE topics or to work within custom lab environments to learn complex enterprise techniques.
Learning Objectives
This bootcamp prepares you to pass the Certif Red Team Expert (CRTE) certification, provided by Pentester Academy, an INE company. By passing this exam, you will be certified as knowing: - All Initial Access Attack Vectors, including Phishing and Consent Grant Attacks - Authenticated Enumeration techniques - Privilege Escalation - Data Mining - Defenses Monitoring and Auditing - How to Bypass Defenses - Advanced Cross Domain Attacking Techniques - Abusing SQL Server for cross forest attacks - Bypassing defenses like Advanced Threat Analytics, Protected Users Group, WDAC etc. Your four week lesson plan ends with a CTF and the opportunity to take the CRTE.
Save $200 & Sign Up Today!
Learn More About Pentester Academy
Sign up for INE and Begin Learning Now
Schedule
This four week bootcamp is split into four modules, designed to provide you with everything you need to master active directory exploitation and protection. Checkout the daily schedule to understand what you will learning during our four, four hour sessions.
Introduction to Active Directory
Introduction to Attack methodology and tradecraft
Domain Enumeration (Attacks and Defense)
Enumerating information that would be useful in attacks with leaving minimal footprint on the endpoints
Enumerate trust relationships within and across forests to map cross trust attack paths
Credential Replay Attacks
Abusing on-prem MS Exchange for privilege escalation and extracting emails and sensitive information from mailboxes
Evading application whitelisting (WDAC)
Domain Privilege Escalation by abusing Unconstrained Delegation. Understand how unconstrained delegation is useful in compromising multiple high privilege servers and users in AD
Abusing Constrained Delegation for Domain Privilege Escalation by impersonating high privilege accounts
Using ACL permissions to abuse Resource-based Constrained Delegation
Domain Persistence Techniques
Advanced Cross Domain attacks. Learn and practice attacks that allow escalation from
Domain Admins to Enterprise Admins by abusing MS Products and delegation issues. Lateral movement from on-prem to Azure AD by attacking Hybrid Identity infrastructure.
Advanced Cross Forest attacks. Execute attacks like abuse of Kerberoast, SID Filtering misconfigurations etc. across forest trusts forests and understand the nuances of such attacks.
Abusing SQL Server for cross forest attacks
More on advanced Cross Forest attacks like abuse of Foreign Security Principals, ACLs etc. Abusing PAM trust and shadow security principals to execute attacks against a managed forests.
Detections and Defenses (Red Forest, JEA, PAW, LAPS, Selective Auth, Deception, App Whitelisting, ATA, Tiered Administration)
Bypassing defenses like Advanced Threat Analytics, Protected Users Group, WDAC etc.
Bootcamp overview
This advanced bootcamp is designed to help security professionals understand, analyze and practice threats and attacks in a modern, multi-forest Active Directory environment with fully patched Server 2019 machines.
In addition to learning the popular tactics, techniques and procedures (TTPs), you will also see how they change for attacks across forest trusts. You will also learn how to abuse or bypass modern Windows defenses like Advanced Threat Analytics, Local Administrator Password Solution (LAPS), Just Enough Administration (JEA), Resource-Based Constrained Delegation (RBCD), Windows Defender Application Control (WDAC), Application Whitelisting (AWL), Constrained Language Mode (CLM), virtualization and more.
Dictated by
Nikhil Mittal
InfoSec Researcher
View other upcoming INE Bootcamps
Looking for something else? INE offers several bootcamps per month, meaning that there is always something for you and your team to learn and participate in.
Common questions about INE
If you have a question you don’t see on this list, please visit our Frequently Asked Questions page by clicking the button below. If you’d prefer getting in touch with one of our experts, we encourage you to call one of the numbers above or fill out our contact form.
Can I buy Bootcamps separately if I am on the Individual Monthly or Annual plan?
How much do Bootcamps cost?
