Red vs Blue: Modern Active Directory Attacks Detection and Protection

by Sean Metcalf
Sept. 19, 2017 1 comment Black Hat belen_caty

This talk explores the latest Active Directory attack vectors and describes how Golden Ticket usage can be detected. When forged Kerberos tickets are used in AD, there are some interesting artifacts that can be identified. Yes, despite what you may have read on the internet, there are ways to detect Golden & Silver Ticket usage!

https://www.blackhat.com/us-15/briefings.html#red-vs-blue-modern-active-directory-attacks-detecti...

Avatar
Steven Ulm 2 months ago

Good article but in my opinion a bit too general, more about the AD could have been specified.

Reply