Reward Yourself! Get a $400 Amazon Gift Card with Qualifying OnDemand Course Purchase - Register Today!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Dominating the Active Directory

  • Wednesday, October 02, 2019 at 3:30 PM EDT (2019-10-02 19:30:00 UTC)
  • Erik Van Buggenhout

You can now attend the webcast using your mobile device!



Many pentesters focus on getting "Domain Administrator" access on a target environment. But... what comes after domain administrator? Similar to "shell is just the beginning", we believe "Domain Administrator" is just the beginning, as there is so much more to be done! Join us in this webcast where the new SEC560 course authors explain what to do when administrative access to the Active Directory domain is obtained. Amongst others, we will discuss Golden Tickets, Skeleton Key attacks, DCSync, and DCShadow

Speaker Bio

Erik Van Buggenhout

Erik Van Buggenhout is the lead author of SEC599 - Defeating Advanced Adversaries and SEC699 - Purple Team Tactics. In addition to SEC599 and SEC699, Erik teaches SEC560 - Network Penetration Testing & Ethical Hacking and SEC542 - Web Application Penetration Testing & Ethical Hacking. In addition to his work with SANS, Erik is the co-founder of Belgian cyber security firm NVISO. Together with his team of 70+ technical experts, Erik delivers a wide array of technical security services, including penetration testing, security monitoring & incident response.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.