Red Team Revenge: Attacking Microsoft ATA - Nikhil Mittal

Video Link: https://www.youtube.com/watch?v=35XknWCJJss



Duration: 52:47


Microsoft Advanced Threat Analytics (ATA) is a defence platform that reads information from multiple sources, such as traffic for certain protocols to the Domain Controller, Windows Event Logs and SIEM events. The information collected is used to detect reconnaissance, credential replay, lateral movement, persistence attacks, etc. Well-known attacks like Pass-the-Hash, Pass-the-Ticket, Overpass-the-Hash, Golden Ticket, Directory services replication, Brute-force, Skeleton key, etc. can be detected using ATA. Whenever communication to a Domain Controller is performed using protocols like Kerberos, NTLM, RPC, DNS, LDAP, etc., ATA parses that traffic to gather information not only about possible attacks but about user behaviour as well. It slowly builds an organizational graph and can detect deviations from normal behaviour.

This talk focuses on identifying and attacking ATA installations. Can ATA be attacked to suppress alerts? How noisy is it to attack ATA? How can alerts related to a particular identity (user and computer) be exempted? How can ATA be controlled and crippled remotely? The talk will be full of live demonstrations.


Presenters:
Nikhil Mittal

44CON 2017
Hacking conference






