Loading…
This event has ended. Visit the official site or create your own event on Sched.
Mine for the best information security knowledge in the Black Hills of South Dakota!
Back To Schedule
Thursday, October 25 • 2:00pm - 2:50pm
Using PowerUpSQL and goddi for Active Directory Information Gathering

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
Information gathering is an essential first step in penetration tests and red team engagements against an Active Directory (AD) environment. Tools like PowerView have been very popular in the past, but this talk will explore some alternative options. During this presentation, I’ll provide an overview of AD information gathering techniques that leverage functionality in PowerShell, Go, and SQL Server.  These alternatives offer flexibility that can help you avoid detection on Windows endpoints during penetration tests and red team engagements.
 
Additionally, examples of both PowerUpSQL and goddi will be shared to help you automate those unorthodox AD enumeration methods. This talk aims to familiarize pen testers, red teamers, and blue teamers with basic AD information gathering concepts and how they can be leveraged manually or through tools like PowerUpSQL and goddi.
Speakers
avatar for Thomas Elling

Thomas Elling

NetSPI
Thomas has a BS in computer science from Columbia University with a focus on software development and security. He has experience as an undergraduate researcher at the CU Network Security Lab. At NetSPI, Thomas primarily focuses on web application and network penetration testing... Read More →

Thursday October 25, 2018 2:00pm - 2:50pm MDT
Track 2
  Talk