У нас вы можете посмотреть бесплатно SIEGECAST: Kerberoasting & Attacks 101 или скачать в максимальном доступном качестве, видео которое было загружено на ютуб. Для загрузки выберите вариант из формы ниже:
Если кнопки скачивания не
загрузились
НАЖМИТЕ ЗДЕСЬ или обновите страницу
Если возникают проблемы со скачиванием видео, пожалуйста напишите в поддержку по адресу внизу
страницы.
Спасибо за использование сервиса ClipSaver.ru
#cybersecurity #hacking #infosec Penetration Testing Web Application Penetration Testing Ransomware Readiness Assessment Mobile App Assessment Remote Access Assessment Purple Team Red Team & Adversary Emulation Let our offense, prepare your defense. [email protected] ______________________________________________________________ Today, Red Siege brings you the deep dive you have been waiting for on Kerberoasting from the creator himself, Tim Medin SiegeCast: "KERBEROS AND ATTACKS 101" Presented by Tim Medin ( [email protected] ) Want to understand how Kerberos works? Would you like to understand modern Kerberos attacks? Tim Medin walks you through how to attack Kerberos with ticket attacks and Kerberoasting. He covers the basics of Kerberos authentication and then shows you how the trust model can be exploited for persistence, pivoting, and privilege escalation. At the conclusion, he discusses defenses for these various attacks. Slides: https://redsiege.com/kerb101 Follow Us Twitter: / redsiege Facebook: / rsiege Linkedin: / reds. . _______________________________________________________ Red Siege Founder: Tim Medin ([email protected]) Twitter: @timmedin Red Siege is an information security consulting company that concentrates on the latest threats to organizations today. We perform in-depth analysis, determine organization/business risk, and find the vulnerabilities before the bad guys do. Our team includes internationally renowned experts who have been featured in international news outlets and conferences, including The Wall Street Journal, The Washington Post, a News Channel Asia Documentary. https://redsiege.com 00:00 Kerberos & Attacks 101 00:10 Welcome & Intro 1:15 Talk Breakdown 1:55 Part 1 - What is Kerberos? 3:19 Kerberos Basics 3:51 How it Works 6:52 Auth to Service 10:03 Overall Process Summary 11:50 Service Ticket 13:42 PAC (Privilege Attribute Certificate) 15:24 SPN 17:21 Three Long-term Keys 18:55 Part 2 - Attacks 19:13 Kerberoasting 20:17 Requesting Tickets 21:29 Extraction & Cracking 22:21 Walk-Throughs 31:09 Silver Ticket 32:50 Silver Ticket Flow 33:35 Build Your Own Ticket (Demo) 41:02 Questions on Building a Ticket 44:33 Building More Tickets (Demo) 48:41 Golden Ticket 49:28 Golden Ticket Flow 50:45 Golden Ticket Properties 51:17 Golden Ticket Demo 53:05 Skeleton Key 54:48 Pass-the-Ticket 55:30 Over-Pass-the-Hash 56:10 When Can I Use These? 57:53 Recommended Reading 58:11 Part 3 - Defenses - Monitoring is Key 1:00:16 Questions