Attacking Active Directory for fun and profit

Active Directory underpins the majority of most organisations their IT infrastructure, which makes it a valuable target for attackers.

A lot of (targeted) ransomware attacks have been leveraging through AD, and I often get question on, how attackers are compromising an AD environment, so I thought it would be the right time to publish content about this topic, to help people having a better understanding on the different exploitation techniques, that might be used to take advantage of insecure or default settings in AD.

Vitali Kremez gave last year a nice talk on how cyber crime groups are attacking AD for fun and profit, which inspired me to choose that title as well, but I wanted to focus it more on the different exploitation techniques. The talk of Vitali can be found here:

There are a lot of recommendations that organizations should follow to secure Active Directory, but sometimes it is better to know, how it is done practical to have a better understanding on the risks behind a poor configuration.

I have published a PDF with the different exploitation techniques that can be used to attack Active Directory with recommendations on how to secure it.

This can be found here:

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: