Atomic Spotlight: LSA Protection, Good ol' Mimikatz, and Wdigest
Автор: Black Hills Information Security
Загружено: 2022-12-26
Просмотров: 1583
Описание:
Join us in the Black Hills InfoSec Discord server here: / discord to keep the security conversation going!
Learn attack emulation tools atomic red team caldera with Carrie Roberts from Antisyphon Training: https://www.antisyphontraining.com/at...
00:00 - Atomic T1562 Impair Defenses
04:08 - Process Explorer
07:43 - Mimikatz
12:59 - Using Mimikatz to get around LSA Protection
14:51 - T1112 Atomic Test #3 Modify Registry to store logon credentials
Description: In this Atomic Spotlight we explore how marking the LSASS process as protected makes credential access more difficult for attackers. We then use the Mimikatz signed driver to bypass the protected process mechanism, and with the help of the Wdigest security provider, retrieve cleartext user passwords. The procedures for this technique were recently added to the Atomic Red Team library of scripted cyber attacks.
Other courses by Carrie Roberts: "PowerShell For InfoSec: What You Need to Know!" course: https://www.antisyphontraining.com/po...
Black Hills Infosec Socials
Twitter: / bhinfosecurity
Mastodon: https://infosec.exchange/@blackhillsi...
LinkedIn: / antisyphon-training
Discord: / discord
Black Hills Infosec Shirts & Hoodies
https://spearphish-general-store.mysh...
Black Hills Infosec Services
Active SOC: https://www.blackhillsinfosec.com/ser...
Penetration Testing: https://www.blackhillsinfosec.com/ser...
Incident Response: https://www.blackhillsinfosec.com/ser...
Backdoors & Breaches - Incident Response Card Game
Backdoors & Breaches: https://www.backdoorsandbreaches.com/
Play B&B Online: https://play.backdoorsandbreaches.com/
Antisyphon Training
Pay What You Can: https://www.antisyphontraining.com/pa...
Live Training: https://www.antisyphontraining.com/co...
On Demand Training: https://www.antisyphontraining.com/on...
Educational Infosec Content
Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/
Wild West Hackin' Fest YouTube: / wildwesthackinfest
Active Countermeasures YouTube: / activecountermeasures
Antisyphon Training YouTube: / antisyphontraining
Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/
#bhis #antisyphon #infosec
Повторяем попытку...
Доступные форматы для скачивания:
Скачать видео
-
Информация по загрузке:
