06-04-2018 ACM Webcast: Attack Tactics Part 1

Active Countermeasures Webcast


Attack Tactics: Part 1

John is starting a new series of webcasts called Attack Tactics. This first part is a step-by-step walk-through of an attack BHIS launched against a customer, with just a few obfuscating tweaks. He covers the tools, how we used them and any other tricks we had to pull out for the attack.

The second will be co-hosted by our sister company Active Countermeasures and will go through the defensive side.

Presented by: John Strand


  • 2:14 Overview
  • 3:40 Recon-ng and open source recon; Office 365 redirect
  • 10:14 Compromised credentials; Addition Recon Findings
  • 17:50 First Exploit Attempt; Next attempt/default creds
  • 26:00 Password Spray; OWA Access; Pulling down the Global Address List
  • 33:30 VPN instructions
  • 35:18 Mailsniper; VPN Access; Domain Recon; Kerberoasting
  • 41:00 GPP; Secondary C2
  • 45:00 Password Hashes; Crack Passwords; Search and Plunder
  • 53:00 Concluding Statements
AI-Hunter Datasheet
Schedule an AI-Hunter Demo
Subscribe To Our Blog
Get email notification of our new blog posts and our occasional emails about events, webcasts and product updates. We are not spammy and you can unsubscribe at any time.