Who ever said attackers should have all the fun? In this talk, we will introduce several basic strategies that you, a defender, can employ to use BloodHound to help secure your AD.
From attack path identification and elimination to critical landscape identification, from basic permissions auditing to complex transitive object control mapping, we hope to show you how BloodHound is an even more useful tool for defenders than it is for attackers.
BloodHound is developed by Andy Robbins (@_wald0), Rohan Vazarkar (@CptJesus), and Will Schroeder (@harmj0y). The presentation will be held by Andy Robbins and Rohan Vazarkar.
Andy Robbins (@_wald0) is an active red teamer and co-author of BloodHound, a tool designed to reveal the hidden and unintended permission relationships in Active Directory domains. He has performed numerous red team operations and penetration tests against banks, credit unions, health-care providers, defense companies, and other Fortune 500 companies across the world. He has presented at DEF CON, BSides Las Vegas, DerbyCon, ekoparty, and actively researches Active Directory security. He is also a veteran Black Hat trainer.
Rohan Vazarkar (@CptJesus) is an operator and developer for SpecterOps with extensive experience performing penetration tests and red team engagements. He has spoken at numerous security conferences including DEF CON, Black Hat, SANS Hackfest, and more. He also conducts research and releases tactics for leveraging security weaknesses in Windows based platforms. Rohan is the co-author of the BloodHound analysis platform and has contributed to other open source projects such as Empire and EyeWitness.
You should not miss this session if you want to explore vulnerabilities and secure your AD.