Active Directory Exploitation Training

The ZX Security Active Directory (AD) exploitation training course assists security operations / Blue Teams in bolstering their capability to detect malicious activity on their network

Overview

The ZX Security Active Directory (AD) exploitation training course assists security operations / Blue Teams in bolstering their capability to detect malicious activity on their network.

With hands-on access to the tools used to compromise Windows domains, attendees will receive valuable insight into an attacker’s mindset.

Who should attend?

SOC Analysts
System Administrators
Solution Architects
Security Engineers
Desktop Support Staff

Duration

One day.

Course content

The training will cover the fundamentals of modern Active Directory hacking. The course is intended to cover the basics before jumping into more advanced, up-to-date attack techniques.

Attendees are not required to have any previous knowledge or experience in the field.

ZX Security has a custom, fully patched training environment with multiple computers in Amazon AWS.

The environment can support multiple students at a time.

By the end of the workshop, the attendees will be able to apply the techniques learned to fully compromise the lab environment.

Training will cover the following:

What is Active Directory
LM, NT, NTLM, NET-NTLM, NET-NTLMv2
Basics of Powershell
Local Privilege Escalation
Domain Enumeration
Lateral Movement
Kerberos
Common Attacks
Kerberos Double Hop
Got Domain Administrator - now what?
Abusing Domain Trusts
Recommendations for Defence