Attack Tactics 5: Zero to Hero Attack

Join us in the Black Hills InfoSec Discord server here: https://discord.gg/BHIS to keep the security conversation going! Learn defending the enterpise with Kent Ickler and Jordan Drysdale from Antisyphon Training: https://www.antisyphontraining.com/defending-the-enterprise-w-kent-ickler-and-jordan-drysdale/ 00:00 - Intro 04:11 - Infrastructure & Background 08:28 - Overview & Breakdown of Attack Methodology and Plans 11:35 - Start of Attack (Gaining Access), Password Spraying Toolkit 15:24 - Mailsniper, Retrieve Global Access List 21:58 - Lateral Movement, OWA, VPN, SSH 27:05 - Scanning/Enumeration, Nmap SSH Brute Force, "Find Open", Movement, Gaining Access 34:07 - Gaining Access, Test for LLMNR, What is LLMNR, Responder, NtlmRelayX 45:53 - Gaining Access, Lateral Movement - crackmapexec 50:29 - Gaining Access, GoPhish Campaign, Additional Paths to Access, HTA, Cobalt Strike 59:48 - Wrap Up Presented by BHIS Testers: Jordan Drysdale, Kent Ickler, and John Strand Ever want to see a full attack from no access on the outside to domain takeover? Ever want to see that in under an hour?  OWA? Password Sprays? Yup! VPNs? Remote account takeover? Yup! Fully documented command and tool usage? Yup! MailSniper? Absolutely! Nmap? Obviously! Crackmapexec? Definitely! Cobalt Strike HTA phishing? This is the one I am most worried about :D - but we'll try anyway.  So what? What's different about this webcast? We'll cover the zero (external, no access) to hero (internal, domain admin). Then, in the next webcast we will cover all the points where it could have been detected and stopped. Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_AttackTactics5ZerotoHeroAttacks.pdf Black Hills Infosec Socials Twitter: https://twitter.com/BHinfoSecurity Mastodon: https://infosec.exchange/@blackhillsinfosec LinkedIn: https://www.linkedin.com/company/antisyphon-training Discord: https://discord.gg/ffzdt3WUDe Black Hills Infosec Shirts & Hoodies https://spearphish-general-store.myshopify.com/collections/bhis-shirt-collections Black Hills Infosec Services Active SOC: https://www.blackhillsinfosec.com/services/active-soc/ Penetration Testing: https://www.blackhillsinfosec.com/services/ Incident Response: https://www.blackhillsinfosec.com/services/incident-response/ Backdoors & Breaches - Incident Response Card Game Backdoors & Breaches: https://www.backdoorsandbreaches.com/ Play B&B Online: https://play.backdoorsandbreaches.com/ Antisyphon Training Pay What You Can: https://www.antisyphontraining.com/pay-what-you-can/ Live Training: https://www.antisyphontraining.com/course-catalog/ On Demand Training: https://www.antisyphontraining.com/on-demand-course-catalog/ Educational Infosec Content Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/ Wild West Hackin' Fest YouTube: https://www.youtube.com/wildwesthackinfest Active Countermeasures YouTube: https://youtube.com/activecountermeasures Antisyphon Training YouTube: https://www.youtube.com/antisyphontraining Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/ #bhis #infosec