Common Active Directory Attacks: Back to the Basics of Security Practices

This videos covers some typical Active Directory Default configurations and how attackers abuse them. It also shows remediation steps to fix the issues.



0:00 - Intro
0:32 - Common Active Directory Attacks and Countermeasures
1:10 - Default Settings - Add Computer Acccount to the Domain
3:36 - Demo - Add Computer Account to the Domain
6:36 - Remediation - Add Computer Account to the Domain
7:24 - Demo - Preventing Add Computerr to the Domain and delegating
13:09 - Default Settings - Password Policy
16:10 - Demo - Password Spraying
19:28 - Remeditation - Password Policy
20:22 - Demo - Changing Password Policy
22:33 - Service Principal Names (Kerberoasting)
24:12 - Demo - Kerberoasting
27:46 - Securing Service Principal Names
29:07 - Demo - Securing Service Principal Names
35:27 - Do not require Kerberos Preauthentication (AS-REP Roasting)
36:44 - Demo - AS-REP Roasting
39:05 - Remediation - AS-REP Roasting
40:03 - Unconstrained/Constrained Delegation
44:11 - Demo - Unconstrained Delegation
47:07 - Remediation - Unconstrained/Constrained Delegation