Active Directory Reconnaissance, Attacks, and Post-Exploitation

DerbyCon 2.0 - The Reunion

Presented by: Evan Anderson
Date: Sunday September 30, 2012
Time: 09:30 - 09:55
Location: Track 5
Track: Stable Talks

This is a 200-level presentation that describes gathering information from Active Directory to assist a penetration tester in target selection, locating and leveraging common configuration mistakes to attack domain member computers and users, and post-exploitation activities. An emphasis is placed on using information that can be freely gathered by unprivileged users from Active Directory. This presentation assumes familiarity with the Windows security architecture and Active Directory.

Evan Anderson

Evan Anderson has worked in IT as a contract engineer since 1998. Presently he is a partner in Wellbury Information Services LLC of Dayton, OH, and provides network design, implementation, and system administration services to a variety of clients ranging from small business to Fortune 1000. He has performed reviews of network security architectures, application and network penetration testing, and delivered infosec-related training for clients in financial, medical, and public policy sectors.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats