Red teams have been abusing Windows domain trusts for years with great success, but the topic is still underrepresented in public infosec discussions.
While the community has started to talk more about Active Directory exploitation, there isn’t much information out there discussing domain trusts from an offensive perspective. This talk aims to demystify domain trusts and show how they can be enumerated and abused during the course of an engagement. We’ll conclude with a complex demo showing how to enumerate, visualize, and abuse the trust relationships in an example environment, leading to total domain takeover without throwing a single exploit.