My key takeaways
- Almost everybody gets popped; it is a matter of time and resources
- Even with low budgets, there are a lot of tools that help make it harder for attackers
- Doing some OSINT on your own organization might bring up a lot of information that attackers will use
- Webapp pentesting is basic security
- The huge databases of breached data out there make a good password policy imperative
- Phishing is still a very effective attack vector
- Once popped, detecting the intruder fast has priority
- Hardening the internal systems makes it harder for an attacker to find valuable assets
- Blue teams should be familiar with these 3 stages:
  - Low-hanging fruit like
    - SMBv1
    - LLMNR/NBNS
    - DTP
    - Pass-The-Hash
  - Protected Harvests like
    - BloodHound
    - Kerberoasting
    - Command and Control (C2)
    - Living Off the Land Binaries
    - Malicious LNK Files
  - Stealthy Defense
    - Group Policies
- Kent & Jordan mention multiple free tools to use for almost every aspect
- No links provided, but all are in the BHIS blog
Env
- Provided by
- presenters: