06-04-2018 ACM Webcast: Attack Tactics Part 1

Active Countermeasures Webcast


Attack Tactics: Part 1

John is starting a new series of webcasts called Attack Tactics. This first part is a step-by-step walk-through of an attack BHIS launched against a customer, with just a few obfuscating tweaks. He covers the tools, how we used them and any other tricks we had to pull out for the attack.

The second will be co-hosted by our sister company Active Countermeasures and will go through the defensive side.

Presented by: John Strand


  • 2:14 Overview
  • 3:40 Recon-ng and open source recon; Office 365 redirect
  • 10:14 Compromised credentials; Addition Recon Findings
  • 17:50 First Exploit Attempt; Next attempt/default creds
  • 26:00 Password Spray; OWA Access; Pulling down the Global Address List
  • 33:30 VPN instructions
  • 35:18 Mailsniper; VPN Access; Domain Recon; Kerberoasting
  • 41:00 GPP; Secondary C2
  • 45:00 Password Hashes; Crack Passwords; Search and Plunder
  • 53:00 Concluding Statements
AC-Hunter Datasheet
AC-Hunter Personal Demo
What We’re up To