Attacking User Identities

  • Friday, 01 Dec 2023 3:00PM EST (01 Dec 2023 20:00 UTC)
  • Speaker: Moses Frost

Identities are the foundational cornerstone of many environments. Identity is typically the front door for web, infrastructure portals, and VPN services. Most organizations should implement additional countermeasures to prevent attackers from breaking into an organization. The perimeter of many environments is de-facto users’ identities. How you protect those identities is critical. Understanding how to attack identities is crucial for those who emulate attack groups.

In this Workshop, we will showcase the techniques and tools you can use to attack user identities. Being able to safeguard these identities is crucial. If you wish to learn how to attack identity systems like Azure AD, Rotate IP Addresses, and bypass conditional access policies, this is the workshop for you. If you want to see a sneak preview of SEC588, or you have taken the course and want to see some additional material in the revamped versions of the courseware, you should attend.

Prior to the workshop: Please download and install the workshop VM here -

Username: sec588
Password: slingshot

System Requirements:

  • CPU: 64-bit Intel i5/i7 (8th generation or newer), or AMD equivalent. A x64 bit, 2.0+ GHz or newer processor is mandatory for this class.
  • CRITICAL: Apple systems using the M1/M2 processor line cannot perform the necessary virtualization functionality and therefore cannot for the workshop.
  • BIOS settings must be set to enable virtualization technology, such as "Intel-VTx" or "AMD-V" extensions. Be absolutely certain you can access your BIOS if it is password protected, in case changes are necessary.
  • 8GB of RAM or more is required.
  • 60GB of free storage space or more is required.