Workshop participation is possible from any PC, laptop or tablet with a stable internet connection. You don't need additional software; an up-to-date browser is sufficient (current Microsoft Edge, Google Chrome or Firefox). Access to the training lab also takes place via your browser, and the exercises can be completed without additional software. The workshop will be transmitted live from the ERNW studio. The workshop material, any demos and of course the trainer are always visible and will be shown or emphasized as required. We will provide the training material electronically before the start of the course. The trainer will answer questions live. The microphone and/or camera are optional. You can also ask questions via chat.
Requirements: Basic Active Directory knowledge & understanding.
This workshop is designed to enable you to identify critical object relationships within your enterprise Active Directory environment. Active Directory is at the heart of most major organizations, and gaining control of Active Directory is often what an attacker is after in corporate post-exploitation scenarios. BloodHound is a visualization and evaluation tool designed to graph Active Directory attack paths and visualize Active Directory the way an attacker would see it. Thinking in graphs allows defenders to better understand the complexity of object relationships, identify weak spots to be mitigated, and improve their overall security posture.
• Are you responsible for administrating or securing a complex Active Directory environment?
• Do you want to know how many tier 2 users have a path to your tier 0 assets?
• Do you want to know if your Exchange ACLs open an attack path to your domain controllers?
If the answer to these questions is “yes”, then this workshop has everything you need to use BloodHound efficiently within your environment. The workshop is designed to be hands-on with many practical lessons. It covers everything from understanding and performing a basic installation of BloodHound, building basic queries, and visualizing object relationships and potential attack paths, to more advanced topics like using custom add-ons or automating the whole process of using BloodHound (data collection, ingestion, first analysis etc.). BloodHound has been successfully used in many complex Active Directory environments to visualize critical attack paths that could lead to a full Active Directory compromise. Our trainer will share his experience, lessons learned, tips & tricks and pitfalls from using BloodHound in complex enterprise environments to efficiently identify critical relationships and derive appropriate mitigating controls.
Trainings:
Docker, Kubernetes & Security in Enterprise Environments
Jan Harrie, Simon Janz
Hacking 101
Sven Nobis, Julian Suleder
Hacking Mobile Apps
Tobias Kopf, Ahmad Abolhadid
Hardening Microsoft Environments
Heinrich Wiederkehr, Friedwart Kuhn
Incident Analysis
Dr.-Ing. Andreas Dewald, Frank Block, Florian Bausch
Insight into Windows Internals
Dr. Aleksandar Milenkoski, Dominik Phillips
TLS in the Enterprise
Michael Thumann
Windows & Linux Binary Exploitation
Oliver Matula, Dennis Mantz
ATTACK based hunt engineering on Windows
Eduardo Gerosa, Olaf Hartong
Advanced Deployment and Architecture for Network Traffic Analysis
Peter Manev, Eric Leblond
Advanced Pwning & Fixing of Node.js & Electron apps, shells, injections and fun!
Anirudh Anand, Abraham Aranguren
Assessing Business-Critical Systems: Attack & Secure SAP Platforms
Yvan Genuer, Pablo Artuso
Attack and Defense in AWS: Chaining vulnerabilities to go beyond the OWASP 10
Bharath, Riyaz Walikar
Fuzzing source-code & binary-only targets like a pro
Marc "van Hauser" Heuse
Hacking the USB World with FaceDancer & USB-Tools
Kate Temkin, Mikaela Szekely
Hands-on BloodHound - Intro to Cypher Workshop
Walter Legowski
Machine Learning for Security & Security for Machine Learning
Nikhil Joshi
Mastering Mimikatz
Carlos Perez
Pentesting Industrial Control Systems
Arnaud Soullié
Pentesting the Modern Application Stack
Francis Alexander
Practical Exploitation of IoT Networks and Ecosystems
Sumanth Naropanth, Sunil Kumar
RFID/NFC: Rise of Proxmark3 - directors' cut
Philippe Teuwen
SensePost Unplugged; Modern WiFi Hacking
SensePost
Software Defined Radio
Michael Ossmann
Web Application Security
Hannes Molsen
Windows Instrumentation With Frida
Hannes Molsen
Automation with Ansible - Radically simplify IT Operations
Maximilian Eschenbacher