CYBERSEC 2022 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy. I Agree

bg-inner

SESSION

09/22 15:45 - 16:15 Red Team Forum

Domain slayer- infiltrating the Enterprise District

This speech will start with an introduction to AD server, look back at the second half year of 2021 for AD server vulnerabilities, including Printnightmare and sam-the-admin, and will share the trending lateral movement techniques, Living Off the Land Binaries, Scripts and Libraries (LOLBAS). Due to the in-depth defense hackers encounter during lateral movement, i.e., with defensive appliance like EDR, PAM, WAF, anti-virus system standing in their way, hackers have turned to adopt the LOLBAS technique. Simply put, drawing on local resources; for instance, leveraging the development environment of the targeted system to develop backdoor programs, which allows them to bypass defensive mechanism, directly obtaining the highest privilege Domain administrator, and even gaining persistence.

LOCATION Taipei Nangang Exhibition Center, Hall 2 7F 701F LANGUAGE English
SESSION TOPIC Red TeamPenetration TestingMITRE ATT&CK

SPEAKER

hans
CHT Security Senior Consultant

Hans joined CHT Security as senior consultant since January 2018 and has started a PHD program from June 2021. With 11 years of experience in cybersecurity, he specializes in hacking techniques, web security, and network penetration testing, and has discovered multiple critical CVEs. As a professional with several international certificates, including CEH, CHFI, GWAPT, OSCP, he aspires to promote world peace and to enable security staff to leave office early instead of taking the blame for others.