Training

Pentesting Windows systems

Objectifs

Training about several security concepts for Windows and Active Directory penetration tests. Lectures and workshop about authentication protocoles, authorization schemes and privilege escalation accross the network.

 

5 days

Contenu

Day 1

  • Windows security basics

    • Password hashing schemes

    • Authentication protocoles

  • Windows network recon

    • Name resolution protocols

    • Windows network usual services

  • From unauthenticated network access to domain user

Day 2

  • Local privilege escalation

    • UAC Bypass

    • Information gathering on compromised computer

    • Bouncing in the internal network

Day 3

  • Privilege escalation through an Active Directory domain

    • Bouncing

    • Control paths

    • Dump of the domain authentication base

  • Software restriction bypasses

    • AppLocker

    • Restricted contexts evasion (Citrix, RDP Kiosk)

Day 4

  • Privilege escalation accross domains

    • Ticket forge (golden ticket, silver ticket)

    • Unconstrained delegation abuse

  • Software restriction bypass

    • AMSI Bypass

Day 5

  • Persistence in a compromised network

  • Indice of compromise deletion / trace management