How Effective are Tools in Detecting the "Maleficent Seven" Privileges for the Windows Environment?
- Tobias Mccurry- Master's Degree Candidate
- Thursday, April 26th, 8:15pm - 8:55pm
This presentation focuses on how Windows privileges add to the complexity of Windows user permissions. The presentation will briefly review how Windows handles permissions and privileges. The presentation will rehash the Maleficent Seven. The presentation will then show how each tool such as Security Explorer, Permissions Analyzer for Active Directory, or Gold Finger help with respect to the privileges. The presentation will also demonstrate the results of this research and how it discovered a gap in identifying users with privileges with the current tools available. Finally, the presentation will show how this gap was filled by the author by using powershell.
Speaker Bio: Tobias is the Director of Penetration Testing Service at SecureIT. He has over 15 years of experience in different areas of IT and currently leads the penetration testing team at SecureIT. Tobias has a specialization in identifying vulnerabilities that have been previously missed by other teams. He has worked with client teams to evaluate critical vulnerabilities and how to mitigate them. The expertise of Tobias has helped numerous teams lower risk while ensuring that the widest coverage of testing was accomplished. Tobias has publications in SANS Reading Room, Hacker Academy, and Infosec Institute. Finally, he holds a Bachelor in Computer Science and is pursuing Master of Science in Information Security Engineering with SANS, while maintaining multiple certifications. The SANS Technology Institute is the only graduate program that combines SANS technical training, recognized as the industry's best, with leadership and management curriculum specifically developed for the unique needs of aspiring leaders. Learn more at www.sans.edu.
Bonus Sessions
The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:
- SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
- Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
- Lunch & Learn: Short presentations given during the lunch break.
- Master's Degree Presentation: Presentations given by SANS Technology Institute's Master's Degree candidates.