The Funny Story of Active Directory Backdooring скачать в хорошем качестве

The Funny Story of Active Directory Backdooring

Sylvain Cortes (Hackuity, FR) Sylvain Cortes is an international expert in identity and access management (IAM) and cybersecurity. During his career, he has mainly worked with large organizations to carry out identity or directory governance projects, including authentication processes, inter-OS privilege management, cloud identity management and Active Directory cybersecurity. He has developed a deep expertise in Active Directory security and backdooring concept. Sylvain is the president of CADIM, a French non-profit organization that organizes an annual event in Paris dedicated to identity management and cyber security: www.identitydays.com. Sylvain is a speaker for various events such as: Blackhat, Cloud Expo, IdentityDays, FS-ISAC, aOS, IT Nordics, Les Assises de la Sécurité, FIC, etc. For 18 years, Sylvain has been recognized by Microsoft as a Microsoft MVP on Active Directory & Security. -- What is the hardest question to answer after an Active Directory attack? It's very simple: "Do I have a backdoor in my directory after this attack?"In this session, we will present the state of the art regarding backdoors in AD, with concrete examples of simple and advanced techniques working from AD 2003 to AD 2025 and ensuring attackers' group persistence. We will cover AD backdoors in general, then go into detail about backdooring techniques targeting SIDhistory, Managed by, gPLink, GPOs, ACEs, and more.Finally, we'll look at the combination of multiple techniques used to hide leads and make persistent attackers virtually undetectable.