06-04-2018 ACM Webcast: Attack Tactics Part 1

Active Countermeasures Webcast


Attack Tactics: Part 1

John is starting a new series of webcasts called Attack Tactics. This first part is a step-by-step walk-through of an attack BHIS launched against a customer, with just a few obfuscating tweaks. He covers the tools, how we used them and any other tricks we had to pull out for the attack.

The second will be co-hosted by our sister company Active Countermeasures and will go through the defensive side.

Presented by: John Strand


  • 2:14 Overview
  • 3:40 Recon-ng and open source recon; Office 365 redirect
  • 10:14 Compromised credentials; Addition Recon Findings
  • 17:50 First Exploit Attempt; Next attempt/default creds
  • 26:00 Password Spray; OWA Access; Pulling down the Global Address List
  • 33:30 VPN instructions
  • 35:18 Mailsniper; VPN Access; Domain Recon; Kerberoasting
  • 41:00 GPP; Secondary C2
  • 45:00 Password Hashes; Crack Passwords; Search and Plunder
  • 53:00 Concluding Statements
AC-Hunter Datasheet
AC-Hunter Personal Demo
Subscribe to Our Blog

Sign up for email notifications of our new blog posts, threat hunting training, webcasts and other relevant information.

We are not spammy and you can unsubscribe at any time :)

* indicates required