Active Countermeasures Webcast
07-03-2018
Attack Tactics: Part 3
No Active Directory? No Problem!
For this next installment of our Attack Tactics webcast series, John Strand looks at an environment that had no Active Directory. This is odd, but it’s becoming more and more common for new companies to have everything in the “cloud” and everything BYOD. This is also a great case-study on how to access services like Git, Slack, Gsuites, Salesforce and so on, because even if you are still using AD, you WILL be moving to the cloud. This webcast is for everyone.
Finally, as testers, we need to evolve our testing to be able to successfully test these cloud services. This means we all need to up our game and be ready for the next round of cloud-based enterprise technologies!
Presented by: John Strand
Timeline:
- 6:30 New Trend
- 7:30 BYOD and Cloud; Network Blocks
- 12:41 Eyewitness
- 17:11 Shodan/ images.shodan.io
- 24:30 Scraping Users with Google and Burp; Password Spraying
- 30:22 Attacking Google 2FA; Phishing Ruse
- 35:03 Credsniper
- 42:14 Getting Documents; Changing Firewall
- 45:02 Takeaways
- 49:27 Q&A