Vtim currently serves as the Red Team Lead at DEVCORE, specializing in researching Web and post-exploitation attack techniques. With extensive experience in Red Team Assessments, penetration testing, and educational training, he is also a CTFer and Bug Bounty Hunter.
Professional Experience:
- Red Team Assessment experience at DEVCORE (3.5 years)
- Experience in vulnerability reporting submissions: HackerOne, Bugcrowd, HITCON Zero Day
- Member of the Synack Red Team
According to DEVCORE's statistics from dozens of Red Team Assessments conducted over the past year, more than 50% of enterprise internal networks have misconfigurations related to Active Directory Certificate Services (AD CS). These misconfigurations allow attackers to gain domain admin privileges within minutes, even with just a low-privileged domain account.
In this presentation, we will present anonymized examples of these misconfigurations in various enterprises, demonstrate how attackers exploit them, and emphasize the importance of regularly assessing AD CS as a critical infrastructure component within an organization's internal network. We will also provide guidance on avoiding common configuration mistakes and mitigating measures for specific scenarios.
CYBERSEC 2024 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy 。