bsidesaustin2019 has ended
Thursday, March 28 • 4:00pm - 5:00pm
The Power of DCShadow

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
So, you swiped domain admin credentials and want to maintain persistence without getting caught like a script kiddie. By leveraging the "Power of DC Shadow" to exploit the sIDHistory attribute, you will be able to own the forest.
In this workshop, we'll cover how to use sIDHistory and DCShadow in tandem and discuss the types of data that can be injected into Active Directory. Finally, we will show you how to be blue team cyber warrior to detect DC Shadow using deep packet inspection and prevent this attack using IPSEC tunnels.

avatar for Don Perez

Don Perez

Manager-Identity and Access, Protiviti
Don Perez has been 18 years’ experience with Active Directory specializing in AD security and Domain Migrations.  He has over 15 years of experience in working for Financial, Utilities, and educational organizations. Currently Don is a manager at Protiviti as part of the Security... Read More →

Adam Steed

Adam Steed prides himself in not just being an Information Security professional but has been part of the Information Security community for the last two decades.  He has over 20 years of experience in working for Financial, Websites and Healthcare organizations. Currently Adam is... Read More →

Thursday March 28, 2019 4:00pm - 5:00pm
Big Tex

Attendees (18)