SlideShare a Scribd company logo

BlackHat Arsenal 2021 : PurpleSharp - Active Directory Attack Simulations

Mauricio Velazco
Mauricio Velazco

This document discusses PurpleSharp, a tool for simulating cyber attacks within Active Directory environments. PurpleSharp executes adversary techniques listed in MITRE ATT&CK and generates telemetry to help detection teams build, test, and improve detection controls. The document outlines how PurpleSharp can be deployed remotely, impersonate users, vary techniques, and focus on Active Directory. It also advertises a library of pre-made JSON playbooks that simulate AD discovery, lateral movement, and purple teaming with PurpleSharp.

Technology
1 of 28
Download to read offline
PurpleSharp 2.0: Active Directory Attack Simulations Mauricio Velazco @mvelazco #BHUSA @BLACKHATEVENTS
#BHUSA   @BLACKHATEVENTS Agenda ■ Introduction ■ Enter PurpleSharp ■ Active Directory Attack Simulation Playbooks
#BHUSA   @BLACKHATEVENTS Introduction
#BHUSA   @BLACKHATEVENTS #whoami ■ Threat Research @ Splunk ■ @mvelazco ■ https://github.com/mvelazc0 Arequipa, Peru
#BHUSA   @BLACKHATEVENTS Detection engineers need the capability to generate attack telemetry.
#BHUSA   @BLACKHATEVENTS Adversary Simulation ■ A requirement to write detection analytics ■ Unit and functional testing for detection engineering ■ End-to-end validation of detection posture
#BHUSA   @BLACKHATEVENTS PurpleSharp
#BHUSA   @BLACKHATEVENTS ■ Executes adversary techniques within Windows AD environments ■ Follows MITRE ATT&CK (50+ supported) ■ C# -> NET, Win32 Api Goal: Generate attack telemetry that enables detection teams to build, test and enhance detection controls. github.com/mvelazc0/PurpleSharp www.purplesharp.com
#BHUSA   @BLACKHATEVENTS Enter PurpleSharp ■ Flexible ■ Remote simulation deployment ■ User impersonation ■ Technique variations ■ Active Directory focus
#BHUSA   @BLACKHATEVENTS Flexible ■ A single C# assembly ■ JSON simulation playbooks ■ Customizable technique parameters
#BHUSA   @BLACKHATEVENTS Flexible
#BHUSA   @BLACKHATEVENTS Remote Simulation Deployment ■ Leverages Windows native features WMI, SMB & Named pipes. ■ Requirements Network connectivity Administrative credentials
#BHUSA   @BLACKHATEVENTS Remote Simulation Deployment ■ 3 modules instrument the simulation: Orchestrator, Scout & Simulator ■ They synchronize on simulation details over named pipes using serialized objects. ■ Similar to PsExec but using Win32_process WMI class
#BHUSA   @BLACKHATEVENTS User impersonation First approach: DuplicateTokenEx CreateProcessWithTokenW ImpersonateLoggedOnUser
#BHUSA   @BLACKHATEVENTS User impersonation ■ Scout starts the Simulator as a child process of explorer.exe using PPID spoofing (T1134.004) ■ Simulation behavior runs under the context of the logged user ■ Breaks process relationship between the Scout and Simulator
#BHUSA   @BLACKHATEVENTS User impersonation
#BHUSA   @BLACKHATEVENTS Technique variations ■ Execute the same technique in different variations ■ Attempt to bypass detection ■ Helps validate detection resilience CreateRemoteServiceCmdline T1059.001 - PowerShell
#BHUSA   @BLACKHATEVENTS Technique variations CreateRemoteServiceCmdline T1021.002 - Remote Services #1: sc.exe to create a remote service #2: CreateService to a create remote service #3: ChangeServiceConfig to modify an existing service* *Initial idea: github.com/Mr-Un1k0d3r/SCShell
#BHUSA   @BLACKHATEVENTS Technique variations CreateRemoteServiceCmdline T1110.003 - Password Spraying
#BHUSA   @BLACKHATEVENTS Active Directory focus ■ Techniques targeting AD are the priority ■ Simulator is able to interact with AD and domain members in the context of the logged user ■ LDAP support for random target selection ( no passwords required ) host_target_type & user_target_type
#BHUSA   @BLACKHATEVENTS Active Directory Attack Simulation Playbooks
#BHUSA   @BLACKHATEVENTS Lab
#BHUSA   @BLACKHATEVENTS Active Directory Discovery ■ Playbook #1: AD Discovery with native tools ■ Playbook #2: AD Discovery with PowerShell.exe ■ Playbook #3: AD Discovery with LDAP queries T1033 - System User Discovery T1018 - Remote System Discovery T1482 - Domain Trust Discovery T1087.001 - Local Account Discovery T1069.002 - Domain Group Discovery T1087.001 - Local Account Discovery T1087.002 - Domain Account Discovery T1201 - Password Policy Discovery
#BHUSA   @BLACKHATEVENTS Lateral Movement ■ Playbook #1: Remote Service (T1021.002) & Scheduled Task (T1053) Using Win32 Api CreateService and native binaries ■ Playbook #2: WMI (T1047) and WinRM (T1021.006) Using the .NET libraries ■ Playbook #3: Remote Service (T1021.002) Using Win32 Api ChangeServiceConfig
#BHUSA   @BLACKHATEVENTS Lateral Movement
#BHUSA   @BLACKHATEVENTS Active Directory Purple Team Playbook ■ Library of ready-to-use JSON playbooks for PurpleSharp ■ github.com/mvelazc0/PurpleAD/
#BHUSA   @BLACKHATEVENTS https://github.com/mvelazc0/PurpleSharp www.purplesharp.com
PurpleSharp 2.0: Active Directory Attack Simulations Mauricio Velazco @mvelazco #BHUSA @BLACKHATEVENTS

Recommended

Defcon 29 Adversary Village: PurpleSharp - Automated Adversary Simulation
Defcon 29 Adversary Village: PurpleSharp - Automated Adversary SimulationDefcon 29 Adversary Village: PurpleSharp - Automated Adversary Simulation
Defcon 29 Adversary Village: PurpleSharp - Automated Adversary SimulationMauricio Velazco
 
Defcon 27 - Writing custom backdoor payloads with C#
Defcon 27 - Writing custom backdoor payloads with C#Defcon 27 - Writing custom backdoor payloads with C#
Defcon 27 - Writing custom backdoor payloads with C#Mauricio Velazco
 
SANS Threat Hunting Summit 2018 - Hunting Lateral Movement with Windows Event...
SANS Threat Hunting Summit 2018 - Hunting Lateral Movement with Windows Event...SANS Threat Hunting Summit 2018 - Hunting Lateral Movement with Windows Event...
SANS Threat Hunting Summit 2018 - Hunting Lateral Movement with Windows Event...Mauricio Velazco
 
Derbycon 2019 - I simulate therefore i catch: enhancing detection engineering...
Derbycon 2019 - I simulate therefore i catch: enhancing detection engineering...Derbycon 2019 - I simulate therefore i catch: enhancing detection engineering...
Derbycon 2019 - I simulate therefore i catch: enhancing detection engineering...Mauricio Velazco
 
Bsides Baltimore 2019: Embrace the Red Enhancing detection capabilities with ...
Bsides Baltimore 2019: Embrace the Red Enhancing detection capabilities with ...Bsides Baltimore 2019: Embrace the Red Enhancing detection capabilities with ...
Bsides Baltimore 2019: Embrace the Red Enhancing detection capabilities with ...Mauricio Velazco
 
Bsides Long Island 2019
Bsides Long Island 2019Bsides Long Island 2019
Bsides Long Island 2019Mauricio Velazco
 
SELinux Kernel Internals and Architecture - FOSS.IN/2005
SELinux Kernel Internals and Architecture - FOSS.IN/2005SELinux Kernel Internals and Architecture - FOSS.IN/2005
SELinux Kernel Internals and Architecture - FOSS.IN/2005James Morris
 
Bsides NYC 2018 - Hunting for Lateral Movement
Bsides NYC 2018 - Hunting for Lateral MovementBsides NYC 2018 - Hunting for Lateral Movement
Bsides NYC 2018 - Hunting for Lateral MovementMauricio Velazco
 

Recommended

Defcon 29 Adversary Village: PurpleSharp - Automated Adversary Simulation
Defcon 29 Adversary Village: PurpleSharp - Automated Adversary SimulationDefcon 29 Adversary Village: PurpleSharp - Automated Adversary Simulation
Defcon 29 Adversary Village: PurpleSharp - Automated Adversary SimulationMauricio Velazco
 
Defcon 27 - Writing custom backdoor payloads with C#
Defcon 27 - Writing custom backdoor payloads with C#Defcon 27 - Writing custom backdoor payloads with C#
Defcon 27 - Writing custom backdoor payloads with C#Mauricio Velazco
 
SANS Threat Hunting Summit 2018 - Hunting Lateral Movement with Windows Event...
SANS Threat Hunting Summit 2018 - Hunting Lateral Movement with Windows Event...SANS Threat Hunting Summit 2018 - Hunting Lateral Movement with Windows Event...
SANS Threat Hunting Summit 2018 - Hunting Lateral Movement with Windows Event...Mauricio Velazco
 
Derbycon 2019 - I simulate therefore i catch: enhancing detection engineering...
Derbycon 2019 - I simulate therefore i catch: enhancing detection engineering...Derbycon 2019 - I simulate therefore i catch: enhancing detection engineering...
Derbycon 2019 - I simulate therefore i catch: enhancing detection engineering...Mauricio Velazco
 
Bsides Baltimore 2019: Embrace the Red Enhancing detection capabilities with ...
Bsides Baltimore 2019: Embrace the Red Enhancing detection capabilities with ...Bsides Baltimore 2019: Embrace the Red Enhancing detection capabilities with ...
Bsides Baltimore 2019: Embrace the Red Enhancing detection capabilities with ...Mauricio Velazco
 
Bsides Long Island 2019
Bsides Long Island 2019Bsides Long Island 2019
Bsides Long Island 2019Mauricio Velazco
 
SELinux Kernel Internals and Architecture - FOSS.IN/2005
SELinux Kernel Internals and Architecture - FOSS.IN/2005SELinux Kernel Internals and Architecture - FOSS.IN/2005
SELinux Kernel Internals and Architecture - FOSS.IN/2005James Morris
 
Bsides NYC 2018 - Hunting for Lateral Movement
Bsides NYC 2018 - Hunting for Lateral MovementBsides NYC 2018 - Hunting for Lateral Movement
Bsides NYC 2018 - Hunting for Lateral MovementMauricio Velazco
 
SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team PlaybooksSANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team PlaybooksMauricio Velazco
 
Defending Your Network
Defending Your NetworkDefending Your Network
Defending Your NetworkAdam Getchell
 
Assume Compromise
Assume CompromiseAssume Compromise
Assume CompromiseZach Grace
 
BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat v18 || Linear time shellcode detection using state machines and opera...BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat v18 || Linear time shellcode detection using state machines and opera...BlueHat Security Conference
 
Defcon 22-colby-moore-patrick-wardle-synack-drop cam
Defcon 22-colby-moore-patrick-wardle-synack-drop camDefcon 22-colby-moore-patrick-wardle-synack-drop cam
Defcon 22-colby-moore-patrick-wardle-synack-drop camPriyanka Aash
 
How Safe is your Link ?
How Safe is your Link ?How Safe is your Link ?
How Safe is your Link ?Peter Hlavaty
 
'Malware Analysis' by PP Singh
'Malware Analysis' by PP Singh'Malware Analysis' by PP Singh
'Malware Analysis' by PP SinghBipin Upadhyay
 
Современные технологии и инструменты анализа вредоносного ПО_PHDays_2017_Pisk...
Современные технологии и инструменты анализа вредоносного ПО_PHDays_2017_Pisk...Современные технологии и инструменты анализа вредоносного ПО_PHDays_2017_Pisk...
Современные технологии и инструменты анализа вредоносного ПО_PHDays_2017_Pisk...Ivan Piskunov
 
Алексей Старов - Как проводить киберраследования?
Алексей Старов - Как проводить киберраследования?Алексей Старов - Как проводить киберраследования?
Алексей Старов - Как проводить киберраследования?HackIT Ukraine
 
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDay
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDayAntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDay
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDayINCIDE
 
SWAT Style – Live Network Crypto Hacking and Exploitation by Kevin Cardwell a...
SWAT Style – Live Network Crypto Hacking and Exploitation by Kevin Cardwell a...SWAT Style – Live Network Crypto Hacking and Exploitation by Kevin Cardwell a...
SWAT Style – Live Network Crypto Hacking and Exploitation by Kevin Cardwell a...EC-Council
 
Veil-PowerView - NovaHackers
Veil-PowerView - NovaHackersVeil-PowerView - NovaHackers
Veil-PowerView - NovaHackersVeilFramework
 
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...RootedCON
 
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat Security Conference
 
A Distributed Malware Analysis System Cuckoo Sandbox
A Distributed Malware Analysis System Cuckoo SandboxA Distributed Malware Analysis System Cuckoo Sandbox
A Distributed Malware Analysis System Cuckoo SandboxAndy Lee
 
Advanced Weapons Training for the Empire
Advanced Weapons Training for the EmpireAdvanced Weapons Training for the Empire
Advanced Weapons Training for the EmpireJeremy Johnson
 
Csw2016 wang docker_escapetechnology
Csw2016 wang docker_escapetechnologyCsw2016 wang docker_escapetechnology
Csw2016 wang docker_escapetechnologyCanSecWest
 
Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0marcioalma
 
1000 to 0
1000 to 01000 to 0
1000 to 0Sunny Neo
 
Di shen pacsec_final
Di shen pacsec_finalDi shen pacsec_final
Di shen pacsec_finalPacSecJP
 
Wielding a cortana
Wielding a cortanaWielding a cortana
Wielding a cortanaWill Schroeder
 
theVIVI-AD-Security-Workshop_AfricaHackon2019.pdf
theVIVI-AD-Security-Workshop_AfricaHackon2019.pdftheVIVI-AD-Security-Workshop_AfricaHackon2019.pdf
theVIVI-AD-Security-Workshop_AfricaHackon2019.pdfGabriel Mathenge
 

More Related Content

What's hot

SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team PlaybooksSANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team PlaybooksMauricio Velazco
 
Defending Your Network
Defending Your NetworkDefending Your Network
Defending Your NetworkAdam Getchell
 
Assume Compromise
Assume CompromiseAssume Compromise
Assume CompromiseZach Grace
 
BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat v18 || Linear time shellcode detection using state machines and opera...BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat v18 || Linear time shellcode detection using state machines and opera...BlueHat Security Conference
 
Defcon 22-colby-moore-patrick-wardle-synack-drop cam
Defcon 22-colby-moore-patrick-wardle-synack-drop camDefcon 22-colby-moore-patrick-wardle-synack-drop cam
Defcon 22-colby-moore-patrick-wardle-synack-drop camPriyanka Aash
 
How Safe is your Link ?
How Safe is your Link ?How Safe is your Link ?
How Safe is your Link ?Peter Hlavaty
 
'Malware Analysis' by PP Singh
'Malware Analysis' by PP Singh'Malware Analysis' by PP Singh
'Malware Analysis' by PP SinghBipin Upadhyay
 
Современные технологии и инструменты анализа вредоносного ПО_PHDays_2017_Pisk...
Современные технологии и инструменты анализа вредоносного ПО_PHDays_2017_Pisk...Современные технологии и инструменты анализа вредоносного ПО_PHDays_2017_Pisk...
Современные технологии и инструменты анализа вредоносного ПО_PHDays_2017_Pisk...Ivan Piskunov
 
Алексей Старов - Как проводить киберраследования?
Алексей Старов - Как проводить киберраследования?Алексей Старов - Как проводить киберраследования?
Алексей Старов - Как проводить киберраследования?HackIT Ukraine
 
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDay
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDayAntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDay
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDayINCIDE
 
SWAT Style – Live Network Crypto Hacking and Exploitation by Kevin Cardwell a...
SWAT Style – Live Network Crypto Hacking and Exploitation by Kevin Cardwell a...SWAT Style – Live Network Crypto Hacking and Exploitation by Kevin Cardwell a...
SWAT Style – Live Network Crypto Hacking and Exploitation by Kevin Cardwell a...EC-Council
 
Veil-PowerView - NovaHackers
Veil-PowerView - NovaHackersVeil-PowerView - NovaHackers
Veil-PowerView - NovaHackersVeilFramework
 
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...RootedCON
 
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat Security Conference
 
A Distributed Malware Analysis System Cuckoo Sandbox
A Distributed Malware Analysis System Cuckoo SandboxA Distributed Malware Analysis System Cuckoo Sandbox
A Distributed Malware Analysis System Cuckoo SandboxAndy Lee
 
Advanced Weapons Training for the Empire
Advanced Weapons Training for the EmpireAdvanced Weapons Training for the Empire
Advanced Weapons Training for the EmpireJeremy Johnson
 
Csw2016 wang docker_escapetechnology
Csw2016 wang docker_escapetechnologyCsw2016 wang docker_escapetechnology
Csw2016 wang docker_escapetechnologyCanSecWest
 
Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0marcioalma
 
Di shen pacsec_final
Di shen pacsec_finalDi shen pacsec_final
Di shen pacsec_finalPacSecJP
 

What's hot (20)

SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team PlaybooksSANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
SANS Purple Team Summit 2021: Active Directory Purple Team Playbooks
 
Defending Your Network
Defending Your NetworkDefending Your Network
Defending Your Network
 
Assume Compromise
Assume CompromiseAssume Compromise
Assume Compromise
 
BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat v18 || Linear time shellcode detection using state machines and opera...BlueHat v18 || Linear time shellcode detection using state machines and opera...
BlueHat v18 || Linear time shellcode detection using state machines and opera...
 
Defcon 22-colby-moore-patrick-wardle-synack-drop cam
Defcon 22-colby-moore-patrick-wardle-synack-drop camDefcon 22-colby-moore-patrick-wardle-synack-drop cam
Defcon 22-colby-moore-patrick-wardle-synack-drop cam
 
How Safe is your Link ?
How Safe is your Link ?How Safe is your Link ?
How Safe is your Link ?
 
'Malware Analysis' by PP Singh
'Malware Analysis' by PP Singh'Malware Analysis' by PP Singh
'Malware Analysis' by PP Singh
 
Современные технологии и инструменты анализа вредоносного ПО_PHDays_2017_Pisk...
Современные технологии и инструменты анализа вредоносного ПО_PHDays_2017_Pisk...Современные технологии и инструменты анализа вредоносного ПО_PHDays_2017_Pisk...
Современные технологии и инструменты анализа вредоносного ПО_PHDays_2017_Pisk...
 
Алексей Старов - Как проводить киберраследования?
Алексей Старов - Как проводить киберраследования?Алексей Старов - Как проводить киберраследования?
Алексей Старов - Как проводить киберраследования?
 
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDay
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDayAntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDay
AntiVirus Evasion Techniques Use of Crypters 2k14 at MundoHackerDay
 
SWAT Style – Live Network Crypto Hacking and Exploitation by Kevin Cardwell a...
SWAT Style – Live Network Crypto Hacking and Exploitation by Kevin Cardwell a...SWAT Style – Live Network Crypto Hacking and Exploitation by Kevin Cardwell a...
SWAT Style – Live Network Crypto Hacking and Exploitation by Kevin Cardwell a...
 
Veil-PowerView - NovaHackers
Veil-PowerView - NovaHackersVeil-PowerView - NovaHackers
Veil-PowerView - NovaHackers
 
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...
Sheila Ayelen Berta - The Art of Persistence: "Mr. Windows… I don’t wanna go ...
 
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deceptionBlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deception
 
A Distributed Malware Analysis System Cuckoo Sandbox
A Distributed Malware Analysis System Cuckoo SandboxA Distributed Malware Analysis System Cuckoo Sandbox
A Distributed Malware Analysis System Cuckoo Sandbox
 
Advanced Weapons Training for the Empire
Advanced Weapons Training for the EmpireAdvanced Weapons Training for the Empire
Advanced Weapons Training for the Empire
 
Csw2016 wang docker_escapetechnology
Csw2016 wang docker_escapetechnologyCsw2016 wang docker_escapetechnology
Csw2016 wang docker_escapetechnology
 
Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0
 
1000 to 0
1000 to 01000 to 0
1000 to 0
 
Di shen pacsec_final
Di shen pacsec_finalDi shen pacsec_final
Di shen pacsec_final
 

Similar to BlackHat Arsenal 2021 : PurpleSharp - Active Directory Attack Simulations

theVIVI-AD-Security-Workshop_AfricaHackon2019.pdf
theVIVI-AD-Security-Workshop_AfricaHackon2019.pdftheVIVI-AD-Security-Workshop_AfricaHackon2019.pdf
theVIVI-AD-Security-Workshop_AfricaHackon2019.pdfGabriel Mathenge
 
Penetration Testing and Intrusion Detection System
Penetration Testing and Intrusion Detection SystemPenetration Testing and Intrusion Detection System
Penetration Testing and Intrusion Detection SystemBikrant Gautam
 
EMBA - Firmware analysis - Black Hat Arsenal USA 2022
EMBA - Firmware analysis - Black Hat Arsenal USA 2022EMBA - Firmware analysis - Black Hat Arsenal USA 2022
EMBA - Firmware analysis - Black Hat Arsenal USA 2022MichaelM85042
 
How to measure your security response readiness?
How to measure your security response readiness?How to measure your security response readiness?
How to measure your security response readiness?Tomasz Jakubowski
 
Applied machine learning defeating modern malicious documents
Applied machine learning defeating modern malicious documentsApplied machine learning defeating modern malicious documents
Applied machine learning defeating modern malicious documentsPriyanka Aash
 
Weaponizing Recon - Smashing Applications for Security Vulnerabilities & Profits
Weaponizing Recon - Smashing Applications for Security Vulnerabilities & ProfitsWeaponizing Recon - Smashing Applications for Security Vulnerabilities & Profits
Weaponizing Recon - Smashing Applications for Security Vulnerabilities & ProfitsHarsh Bothra
 
Black Hat USA Arsenal 2023: Abusing Microsoft SQL Server with SQLRecon
Black Hat USA Arsenal 2023: Abusing Microsoft SQL Server with SQLReconBlack Hat USA Arsenal 2023: Abusing Microsoft SQL Server with SQLRecon
Black Hat USA Arsenal 2023: Abusing Microsoft SQL Server with SQLReconSanjiv Kawa
 
C#Web Sec Oct27 2010 Final
C#Web Sec Oct27 2010 FinalC#Web Sec Oct27 2010 Final
C#Web Sec Oct27 2010 FinalRich Helton
 
Adversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUES
Adversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUESAdversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUES
Adversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUESEMERSON EDUARDO RODRIGUES
 
PurpleSharp BlackHat Arsenal Asia
PurpleSharp BlackHat Arsenal AsiaPurpleSharp BlackHat Arsenal Asia
PurpleSharp BlackHat Arsenal AsiaMauricio Velazco
 
SANS_PentestHackfest_2022-PurpleTeam_Cloud_Identity.pptx
SANS_PentestHackfest_2022-PurpleTeam_Cloud_Identity.pptxSANS_PentestHackfest_2022-PurpleTeam_Cloud_Identity.pptx
SANS_PentestHackfest_2022-PurpleTeam_Cloud_Identity.pptxJasonOstrom1
 
Owning computers without shell access dark
Owning computers without shell access darkOwning computers without shell access dark
Owning computers without shell access darkRoyce Davis
 
Reverse Engineering Malware - A Practical Guide
Reverse Engineering Malware - A Practical GuideReverse Engineering Malware - A Practical Guide
Reverse Engineering Malware - A Practical Guideintertelinvestigations
 
ADVERSARY EMULATION MATRIX by Joas EMERSON EDUARDO RODRIGUES
ADVERSARY EMULATION MATRIX by Joas EMERSON EDUARDO RODRIGUESADVERSARY EMULATION MATRIX by Joas EMERSON EDUARDO RODRIGUES
ADVERSARY EMULATION MATRIX by Joas EMERSON EDUARDO RODRIGUESEMERSON EDUARDO RODRIGUES
 
Mapping Detection Coverage
Mapping Detection CoverageMapping Detection Coverage
Mapping Detection CoverageJared Atkinson
 

Similar to BlackHat Arsenal 2021 : PurpleSharp - Active Directory Attack Simulations (20)

Wielding a cortana
Wielding a cortanaWielding a cortana
Wielding a cortana
 
theVIVI-AD-Security-Workshop_AfricaHackon2019.pdf
theVIVI-AD-Security-Workshop_AfricaHackon2019.pdftheVIVI-AD-Security-Workshop_AfricaHackon2019.pdf
theVIVI-AD-Security-Workshop_AfricaHackon2019.pdf
 
Penetration Testing and Intrusion Detection System
Penetration Testing and Intrusion Detection SystemPenetration Testing and Intrusion Detection System
Penetration Testing and Intrusion Detection System
 
EMBA - Firmware analysis - Black Hat Arsenal USA 2022
EMBA - Firmware analysis - Black Hat Arsenal USA 2022EMBA - Firmware analysis - Black Hat Arsenal USA 2022
EMBA - Firmware analysis - Black Hat Arsenal USA 2022
 
How to measure your security response readiness?
How to measure your security response readiness?How to measure your security response readiness?
How to measure your security response readiness?
 
Applied machine learning defeating modern malicious documents
Applied machine learning defeating modern malicious documentsApplied machine learning defeating modern malicious documents
Applied machine learning defeating modern malicious documents
 
From P0W3R to SH3LL
From P0W3R to SH3LLFrom P0W3R to SH3LL
From P0W3R to SH3LL
 
Weaponizing Recon - Smashing Applications for Security Vulnerabilities & Profits
Weaponizing Recon - Smashing Applications for Security Vulnerabilities & ProfitsWeaponizing Recon - Smashing Applications for Security Vulnerabilities & Profits
Weaponizing Recon - Smashing Applications for Security Vulnerabilities & Profits
 
I hunt sys admins 2.0
I hunt sys admins 2.0I hunt sys admins 2.0
I hunt sys admins 2.0
 
Black Hat USA Arsenal 2023: Abusing Microsoft SQL Server with SQLRecon
Black Hat USA Arsenal 2023: Abusing Microsoft SQL Server with SQLReconBlack Hat USA Arsenal 2023: Abusing Microsoft SQL Server with SQLRecon
Black Hat USA Arsenal 2023: Abusing Microsoft SQL Server with SQLRecon
 
C#Web Sec Oct27 2010 Final
C#Web Sec Oct27 2010 FinalC#Web Sec Oct27 2010 Final
C#Web Sec Oct27 2010 Final
 
Intrusion Techniques
Intrusion TechniquesIntrusion Techniques
Intrusion Techniques
 
Adversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUES
Adversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUESAdversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUES
Adversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUES
 
PurpleSharp BlackHat Arsenal Asia
PurpleSharp BlackHat Arsenal AsiaPurpleSharp BlackHat Arsenal Asia
PurpleSharp BlackHat Arsenal Asia
 
SANS_PentestHackfest_2022-PurpleTeam_Cloud_Identity.pptx
SANS_PentestHackfest_2022-PurpleTeam_Cloud_Identity.pptxSANS_PentestHackfest_2022-PurpleTeam_Cloud_Identity.pptx
SANS_PentestHackfest_2022-PurpleTeam_Cloud_Identity.pptx
 
Owning computers without shell access dark
Owning computers without shell access darkOwning computers without shell access dark
Owning computers without shell access dark
 
Reverse Engineering Malware - A Practical Guide
Reverse Engineering Malware - A Practical GuideReverse Engineering Malware - A Practical Guide
Reverse Engineering Malware - A Practical Guide
 
ADVERSARY EMULATION MATRIX by Joas EMERSON EDUARDO RODRIGUES
ADVERSARY EMULATION MATRIX by Joas EMERSON EDUARDO RODRIGUESADVERSARY EMULATION MATRIX by Joas EMERSON EDUARDO RODRIGUES
ADVERSARY EMULATION MATRIX by Joas EMERSON EDUARDO RODRIGUES
 
The Veil-Framework
The Veil-FrameworkThe Veil-Framework
The Veil-Framework
 
Mapping Detection Coverage
Mapping Detection CoverageMapping Detection Coverage
Mapping Detection Coverage
 

More from Mauricio Velazco

Detection-as-Code: Test Driven Detection Development.pdf
Detection-as-Code: Test Driven Detection Development.pdfDetection-as-Code: Test Driven Detection Development.pdf
Detection-as-Code: Test Driven Detection Development.pdfMauricio Velazco
 
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...Mauricio Velazco
 
BlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue Team
BlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue TeamBlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue Team
BlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue TeamMauricio Velazco
 
LimaHack 2011 - Stuxnet : El arma del futuro
LimaHack 2011 - Stuxnet : El arma del futuroLimaHack 2011 - Stuxnet : El arma del futuro
LimaHack 2011 - Stuxnet : El arma del futuroMauricio Velazco
 
Peruhack 2015 - Cyberespionaje de Naciones
Peruhack 2015 - Cyberespionaje de NacionesPeruhack 2015 - Cyberespionaje de Naciones
Peruhack 2015 - Cyberespionaje de NacionesMauricio Velazco
 
PeruHack 2014 - Post Explotacion en Entornos Windows
PeruHack 2014 - Post Explotacion en Entornos WindowsPeruHack 2014 - Post Explotacion en Entornos Windows
PeruHack 2014 - Post Explotacion en Entornos WindowsMauricio Velazco
 
Limahack 2010 - Creando exploits para GNU/Linux
Limahack 2010 - Creando exploits para GNU/LinuxLimahack 2010 - Creando exploits para GNU/Linux
Limahack 2010 - Creando exploits para GNU/LinuxMauricio Velazco
 
Limahack 2009 - SSL no esta roto ... o si ?
Limahack 2009 - SSL no esta roto ... o si ?Limahack 2009 - SSL no esta roto ... o si ?
Limahack 2009 - SSL no esta roto ... o si ?Mauricio Velazco
 
ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...
ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...
ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...Mauricio Velazco
 
Derbycon 2017: Hunting Lateral Movement For Fun & Profit
Derbycon 2017: Hunting Lateral Movement For Fun & ProfitDerbycon 2017: Hunting Lateral Movement For Fun & Profit
Derbycon 2017: Hunting Lateral Movement For Fun & ProfitMauricio Velazco
 
LinuxWeek 2010 - Client Side Attacks
LinuxWeek 2010 - Client Side AttacksLinuxWeek 2010 - Client Side Attacks
LinuxWeek 2010 - Client Side AttacksMauricio Velazco
 

More from Mauricio Velazco (13)

Detection-as-Code: Test Driven Detection Development.pdf
Detection-as-Code: Test Driven Detection Development.pdfDetection-as-Code: Test Driven Detection Development.pdf
Detection-as-Code: Test Driven Detection Development.pdf
 
BSides Panama 2022
BSides Panama 2022BSides Panama 2022
BSides Panama 2022
 
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...
 
BlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue Team
BlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue TeamBlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue Team
BlackHat 2020 Arsenal - PurpleSharp: Adversary Simulation for the Blue Team
 
LimaHack 2011 - Stuxnet : El arma del futuro
LimaHack 2011 - Stuxnet : El arma del futuroLimaHack 2011 - Stuxnet : El arma del futuro
LimaHack 2011 - Stuxnet : El arma del futuro
 
Peruhack 2015 - Cyberespionaje de Naciones
Peruhack 2015 - Cyberespionaje de NacionesPeruhack 2015 - Cyberespionaje de Naciones
Peruhack 2015 - Cyberespionaje de Naciones
 
PeruHack 2014 - Post Explotacion en Entornos Windows
PeruHack 2014 - Post Explotacion en Entornos WindowsPeruHack 2014 - Post Explotacion en Entornos Windows
PeruHack 2014 - Post Explotacion en Entornos Windows
 
Limahack 2010 - Creando exploits para GNU/Linux
Limahack 2010 - Creando exploits para GNU/LinuxLimahack 2010 - Creando exploits para GNU/Linux
Limahack 2010 - Creando exploits para GNU/Linux
 
Limahack 2009 - SSL no esta roto ... o si ?
Limahack 2009 - SSL no esta roto ... o si ?Limahack 2009 - SSL no esta roto ... o si ?
Limahack 2009 - SSL no esta roto ... o si ?
 
Bsides Latam 2019
Bsides Latam 2019Bsides Latam 2019
Bsides Latam 2019
 
ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...
ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...
ATT&CKcon 2.0 2019 - Tracking and measuring your ATT&CK coverage with ATT&CK2...
 
Derbycon 2017: Hunting Lateral Movement For Fun & Profit
Derbycon 2017: Hunting Lateral Movement For Fun & ProfitDerbycon 2017: Hunting Lateral Movement For Fun & Profit
Derbycon 2017: Hunting Lateral Movement For Fun & Profit
 
LinuxWeek 2010 - Client Side Attacks
LinuxWeek 2010 - Client Side AttacksLinuxWeek 2010 - Client Side Attacks
LinuxWeek 2010 - Client Side Attacks
 

Recently uploaded

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfjimielynbastida
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 

Recently uploaded (20)

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Science&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdfScience&tech:THE INFORMATION AGE STS.pdf
Science&tech:THE INFORMATION AGE STS.pdf
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 

BlackHat Arsenal 2021 : PurpleSharp - Active Directory Attack Simulations