LSA Whisperer - Evan McBroom [SO-CON 2024]

Sdílet
Vložit
  • čas přidán 12. 09. 2024
  • Accessing LSASS memory has been a common goal for attackers due to its management of user credential material. Microsoft has added multiple features to Windows to make gaining such access more difficult including Credential Guard, Remote Credential Guard, and Protected Processes Light (PPL). These features are helpful but irrelevant if an attacker is able to request credentials from the LSA directly. The presentation cover such an approach and how accessing LSASS memory is unneeded to recover a wealth of credential data and to perform other attacker tradecraft.

Komentáře •

Další v pořadí
Automatické přehrávání
The BloodHound Enterprise State of Attack Path Management - Justin Kohler [SO-CON 2024]26:38The BloodHound Enterprise State of Attack Path Management - Justin Kohler [SO-CON 2024]
The BloodHound Enterprise State of Attack Path Management - Justin Kohler [SO-CON 2024]SpecterOps
zhlédnutí 221
Graphs are Hard - John Hopper & Rohan Vazarkar [SO-CON 2024]51:45Graphs are Hard - John Hopper & Rohan Vazarkar [SO-CON 2024]
Graphs are Hard - John Hopper & Rohan Vazarkar [SO-CON 2024]SpecterOps
zhlédnutí 238
Beyond the Shell: Unconventional Agents for Red Teaming Success - Cody Thomas [SO-CON 2024]44:17Beyond the Shell: Unconventional Agents for Red Teaming Success - Cody Thomas [SO-CON 2024]
Beyond the Shell: Unconventional Agents for Red Teaming Success - Cody Thomas [SO-CON 2024]SpecterOps
zhlédnutí 1K
C’est qui le plus fort 😂00:18C’est qui le plus fort 😂
C’est qui le plus fort 😂Nicocapone
zhlédnutí 17M
KONEC PRÁZDNIN…00:50KONEC PRÁZDNIN…
KONEC PRÁZDNIN…Attack
zhlédnutí 449K
Když se Netrefíš, Tento Elixír Musíš Vypít!00:44Když se Netrefíš, Tento Elixír Musíš Vypít!
Když se Netrefíš, Tento Elixír Musíš Vypít!Vítek
zhlédnutí 623K
GENIUS FOOD HACKS #shorts00:30GENIUS FOOD HACKS #shorts
GENIUS FOOD HACKS #shortsMr DegrEE
zhlédnutí 30M
Relay Your Heart Away: An OPSEC-Conscious Approach to 445 Takeover1:01:05Relay Your Heart Away: An OPSEC-Conscious Approach to 445 Takeover
Relay Your Heart Away: An OPSEC-Conscious Approach to 445 TakeoverSpecterOps
zhlédnutí 268
Kerberos Pass-The-Ticket Basics1:16:07Kerberos Pass-The-Ticket Basics
Kerberos Pass-The-Ticket BasicsAtomic Hacking
zhlédnutí 8K
Neurohackademy: Satra Ghosh - Nipype (Workflows)1:36:57Neurohackademy: Satra Ghosh - Nipype (Workflows)
Neurohackademy: Satra Ghosh - Nipype (Workflows)UW eScience Institute
zhlédnutí 1K
Domain Persistence: Detection, Triage, and Recovery - Josh Prager & Nico Shyne [SO-CON 2024]45:26Domain Persistence: Detection, Triage, and Recovery - Josh Prager & Nico Shyne [SO-CON 2024]
Domain Persistence: Detection, Triage, and Recovery - Josh Prager & Nico Shyne [SO-CON 2024]SpecterOps
zhlédnutí 655
OAuth 2.0 and OpenID Connect (in plain English)1:02:17OAuth 2.0 and OpenID Connect (in plain English)
OAuth 2.0 and OpenID Connect (in plain English)OktaDev
zhlédnutí 1,7M
Misconfiguration Manager: Overlooked and Overprivileged- Duane Michael & Chris Thompson[SO-CON 2024]52:31Misconfiguration Manager: Overlooked and Overprivileged- Duane Michael & Chris Thompson[SO-CON 2024]
Misconfiguration Manager: Overlooked and Overprivileged- Duane Michael & Chris Thompson[SO-CON 2024]SpecterOps
zhlédnutí 399
Hands-On Power BI Tutorial 📊Beginner to Pro [Full Course] ⚡3:05:45Hands-On Power BI Tutorial 📊Beginner to Pro [Full Course] ⚡
Hands-On Power BI Tutorial 📊Beginner to Pro [Full Course] ⚡Pragmatic Works
zhlédnutí 2,2M
The New SaaS Cyber Kill Chain - Luke Jennings [SO-CON 2024]58:40The New SaaS Cyber Kill Chain - Luke Jennings [SO-CON 2024]
The New SaaS Cyber Kill Chain - Luke Jennings [SO-CON 2024]SpecterOps
zhlédnutí 445
No Cert? No Problem - ClickOnce (Ab)Use for Trusted Code Execution1:01:07No Cert? No Problem - ClickOnce (Ab)Use for Trusted Code Execution
No Cert? No Problem - ClickOnce (Ab)Use for Trusted Code ExecutionSpecterOps
zhlédnutí 361
The videographer didn’t hold back in this one 🤣00:19The videographer didn’t hold back in this one 🤣
The videographer didn’t hold back in this one 🤣Enola Bedard
zhlédnutí 9M
Cô ấy lại biến hình | CHANG DORY | ometv #BlazeToNatlan #Natlan#GenshinImpact #Genshin4You #citlali00:36Cô ấy lại biến hình | CHANG DORY | ometv #BlazeToNatlan #Natlan#GenshinImpact #Genshin4You #citlali
Cô ấy lại biến hình | CHANG DORY | ometv #BlazeToNatlan #Natlan#GenshinImpact #Genshin4You #citlaliChang Dory
zhlédnutí 38M
Touching Act of Kindness Brings Hope to the Homeless #shorts00:18Touching Act of Kindness Brings Hope to the Homeless #shorts
Touching Act of Kindness Brings Hope to the Homeless #shortsFabiosa Best Lifehacks
zhlédnutí 18M
POV: Já VS budík, při prvním školním dnu 🥹 #fyp #school #marcel00:16POV: Já VS budík, při prvním školním dnu 🥹 #fyp #school #marcel
POV: Já VS budík, při prvním školním dnu 🥹 #fyp #school #marcelMARCEL
zhlédnutí 221K
Секрет летающего стула! #shorts00:14Секрет летающего стула! #shorts
Секрет летающего стула! #shortsРоман Magic
zhlédnutí 21M
Trollím PODVODNÍKOV na Facebook Marketplace w/MarleyKKT a Lukáš21:20Trollím PODVODNÍKOV na Facebook Marketplace w/MarleyKKT a Lukáš
Trollím PODVODNÍKOV na Facebook Marketplace w/MarleyKKT a LukášStudioMoonTV
zhlédnutí 125K
Clash of the Stars 9 | Nejrychlejší KO v historii | Deathmatch 5 proti sobě15:44Clash of the Stars 9 | Nejrychlejší KO v historii | Deathmatch 5 proti sobě
Clash of the Stars 9 | Nejrychlejší KO v historii | Deathmatch 5 proti soběWilly Cao
zhlédnutí 173K
Největší FAIL Celého Fotbalového Týmu…00:35Největší FAIL Celého Fotbalového Týmu…
Největší FAIL Celého Fotbalového Týmu…Horis
zhlédnutí 287K