Emulating and Preventing SMB Attacks Including Relaying and Responder

  • Thursday, 06 Oct 2022 10:00AM EDT (06 Oct 2022 14:00 UTC)
  • Speaker: Michel Coene

Get a preview of material directly from SANS SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses.

Once attackers have gained access to your infrastructure, be it through a compromised host or through physical access, they will be looking to gain access to further resources. While there is a wide variety of ways that attackers can use to broaden their footprint in your environment, this webcast will focus on SMB attacks, such as obtaining the NTLM challenge/response or simply relaying the authentication to another system.