CYBERSEC 2021 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree

May 4-6 at Taipei Nangang Exhibition Center, Hall 2

Blue Team Forum
  • May 4th (Tue)
  • 14:45 - 15:15
  • 7F 701H

10 Facts About Windows Active Directory That Will Blow Your Mind

Chinese Onsite

Ever since Windows 2000 first released, Windows Active Directory has been a treasure trove of vulnerabilities year after year and thus a favorite attack vector for cybercriminals. This talk will explore and explain the most common AD attack methods, defense prioritization after the domain controller is taken down, how cybercriminals consistently break through defenses, debunk some myths regarding the AD, and breakdown how Solarigate abused the AD and got access to cloud resources. These problems suggest that network administrators see the AD as a black box--knowing of its importance but lacking the technical know-how to properly defend it.


Lastly, we’ll open the “black box”. We will discuss how the Active Directory works, why it’s so vulnerable, how cybercriminals penetrate its defenses so often, and provide actionable insight on creating and maintaining effective Active Directory defense practices and policies. 

Incident Response Hackers & ThreatsThreat Analysis & Protection
John Jiang

John Jiang

Cyber Security Researcher, CyCraft

John Jiang is a member of the Research Team of CyCraft and UCCU Hacker.

He has presented technical presentations in non-academic technical conferences, such as HITCON, Black Hat USA, CodeBlue and HITB.

Currently, he focuses on research about Incident Response and Intranet Security.