Discussing Active Directory & Internal Network Security
- added 19. 05. 2024
- jh.live/threatreport || Conversations on network security and internal pentesting with James "Shikata" at IBM X-Force! We dig into misconfigurations, default weaknesses, and some great tradecraft and techniques. jh.live/x-force-yt
You can check out the full IBM X-Force Threat Intelligence Index report here jh.live/threatreport and learn more about IBM X-Force here: jh.live/x-force-yt
Learn Cybersecurity - Name Your Price Training with John Hammond: nameyourpricetraining.com
The best AD hacker by far. His workshop at DEFCON is gold.
Really was a pleasure coming on and doing an interview. I’ll make sure my headphone cable is untied next time lol. We should totally do some hands on demos together.
You're a legend James! Looking forward to more content from you on AD and OT security.
yoink
Great talk shikeezee
You really do nail some of the issues seen day in and out and did it well, thanks!
the tangled up cord is tickling my OCD in all the wrong ways
Why did you have to point it out! Now I can't get it out of my head!! ☹️😭😭
Glad I’m not the only one 😂
Goddamn ysmnaya
I’d love for either a three-way or 2-part video with you two and a blue teamer. Show the default config getting pwned, then show the blue teamer fixing the config so the attack is stopped!
lol that tangled phone cable. brings me back
That's pretty bad for my OCD! XD
What makes it worse is that you know he affords better. 🤣
Amazing interview John, very high quality guest! Keep these types of interview videos coming!
Can you show and explain how to fully secure active directory plus all machine/services in that domain?
- AD domain service
- AD Certificate Service
- Domain joined devices (PC, laptop, servers, printers, etc.)
That would be great
I would imagine that video would have to be a live stream of a blue team just at work every day for the next 20 years 🤣
YubiKey PIV or any HSM-based secure key-value storage. That also protects against lsass.exe dumping exploits. Also strict AppLocker policies, auditing logins, closing all unused network ports and using IDS or IPS. However, using STIG and NIST based configurations would make your systems very secure but they could be very much a pain in the ass. But yeah, AppLocker and network segmentation is a big one
@seansingh4421 very well said
I wonder what the raw video would be like, without all of the cuts. Interesting talk, very good points
Great video! I think all IT pros should be required to watch this video
The remarks on segmentation were eye opening. 👀
love my boy Hammond, another amazing vid
Fantastic! Finally somebody said it, Jerry Maguire. Long background in utilities and gov enduring ancient insecure versions. Please expand!
Really informative video! I'd like to see more of these and more technical.
The convincing and planning of the changes needed is tricky. And then there are the toes that feel they are stepped on by recommending the changes.
This video was thoroughly interesting. Hope to see more of it in future.
Great topics included relationship between NTLM Auth & Kerberos hashing (and dangers associated), EDR efficacy, ADCS, SMB hashing, LSASS, challenges corporate environments face with keeping their systems secure (theory vs practice), pentesting, OT segmentation, PCI compliance & segmentation, and so much more. Well worth watching for security professionals and any security conscious IT engineers.
this is the most AI comment i've seen in a while. hi gpt-o
@danktoaster257 Brother, then consider this comment as a CAPTCHA that helps retrain your AI detection software to reduce false positives.
@HyperDroids looks like what an AI would respond tbh
@John.
Would you maybe consider making a long video about how an admin can protect Windows systems?
Say, how to configure Windows to be safe against hash collection and pass-the-hash.
What GPOs need to be in place ... etc.
can you do a video on the PowerShell malware that uses its built-in features to "live off the land"? You can get it from downloading cracked software. I won't comment it but I can tell you privately if you want. You know you have it by checking Task Scheduler in Windows. Look for Edge or something like that, or the file updates.ps1 or update.ps1 etc. It would be a good video and you can explain how to make PowerShell restricted and disabled, and how to remove most of the danger of it.
EDIT: also this is one of the many reasons you should never use cracked software, not safe.
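Added example (not from the commenter or the video): a read-only PowerShell triage script that lists scheduled tasks whose action launches PowerShell with a .ps1 script, an encoded command or a download cradle, and flags tasks that borrow an updater-style name while their script sits outside Program Files. The name and path heuristics are assumptions for illustration, not indicators taken from the page.

```powershell
# Added example: triage scheduled tasks for PowerShell-based persistence.
# Run in an elevated session; it only reads task definitions, nothing is changed.
# The name/path heuristics below are assumptions, not indicators from the video.

$suspicious = foreach ($task in Get-ScheduledTask) {
    foreach ($action in $task.Actions) {
        # Only exec actions carry Execute/Arguments; skip COM and e-mail actions
        if (-not $action.Execute) { continue }
        $exe    = [string]$action.Execute
        $argStr = [string]$action.Arguments

        $runsPowerShell = $exe    -match '(?i)(powershell|pwsh)(\.exe)?"?$'
        $usesScript     = $argStr -match '(?i)\.ps1\b'
        $encoded        = $argStr -match '(?i)-(e|ec|enc|encodedcommand)\b'
        $hidden         = $argStr -match '(?i)-(w|windowstyle)\s+hidden'
        $bypass         = $argStr -match '(?i)-(ep|executionpolicy)\s+bypass'
        $cradle         = $argStr -match '(?i)(downloadstring|invoke-webrequest|iwr\b|iex\b|invoke-expression)'

        if (-not ($runsPowerShell -or $usesScript)) { continue }

        # Assumed heuristic: vendor-sounding task name, but the script is not
        # under a vendor directory (commenter's "Edge" / update.ps1 pattern)
        $lookalike = ($task.TaskName -match '(?i)edge|chrome|update') -and
                     ($argStr -notmatch '(?i)\\Program Files')

        [pscustomobject]@{
            TaskPath    = $task.TaskPath
            TaskName    = $task.TaskName
            State       = $task.State
            Author      = $task.Author
            Execute     = $exe
            Arguments   = $argStr
            Encoded     = $encoded
            Hidden      = $hidden
            EPBypass    = $bypass
            Cradle      = $cradle
            Lookalike   = $lookalike
            LastRunTime = ($task | Get-ScheduledTaskInfo).LastRunTime
        }
    }
}

# Most interesting first: lookalike names and encoded commands on top
$suspicious | Sort-Object Lookalike, Encoded, Cradle -Descending |
    Format-Table TaskPath, TaskName, State, Encoded, Hidden, EPBypass, Cradle, Lookalike, Execute -AutoSize
```

Pair the task review with PowerShell script block logging (Event ID 4104) so the content of any flagged script is recorded, and with an AppLocker or WDAC rule that denies scripts outside vendor paths, which is what "restricting" PowerShell amounts to in practice.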
More of this guy please =) and go deeper into the hands-on side
Always good 🎉❤
Good video John.
JUICE! 😁
I'm just an internal pentester in a web pentesters world :(
Sir, number to IP, FIP, address video please
Please say the joking!
Hi John, I need a mentorship for OSCP PLEASE
When you sign up for the course you get access to the OffSec Discord and OSA. You'll have a ton of support. Someone like John isn't going to have time to mentor you, and as a hacker you need to be able to be fairly autonomous as well
FFS that headphone cable.
Can you do a video on an exploit chain for an Android UEFI rootkit? I might be able to get you a sample if I can dump it from flash.
Context:
I learned (as the victim) of an exploit chain for
S22, S23, and S24 Ultra phones - with no user interaction. That gets ROOT privilege shell access, all while hiding behind, and not tripping, Knox.
It involves accessibility services for escalation, some recently "(emergency) patched" Chrome zero days for initial access,
"possibly?" Samsung's io_uring implementation for root access, and it seems to use a buffer overflow to install unsigned kernel modules for persistence. As well as attaching itself to your Samsung AND Google accounts for reinfection.
Basically this thing is completely nuts, and has ruined 2 of my phones... (using my mom's rn😂)
I've been able to learn a lot about how it works generally.
But I want to understand it better and see how you would analyze it or look through the exploit chain with your own process.
As for the sample
I'm getting set up with an EDL cable, and plan to write all partitions with random data before reformatting and reinstalling.
I think that'll work
The sad part is the reluctance for the industry to secure their shit. And I still can't get a cybersec job. Eternal Blue Really? Lmao
how about show & tell ???
just talking about it is ok, but .....
6:40 what was that all about LMAO
You guys are all studying for jobs that don't exist
First
First after the first :D
1st comment :D
Like this if you're the first ones.
Need more nameyourpricetraining, truly awesome and affordable. Please keep up the support for it