About BSides Bloomington

The objective of this Capture-the-Flag style one-day class is to take students with existing networks or systems administration experience and teach them how to: 1. Perform a comprehensive penetration test against Active Directory environments. 2. Spot differences between good and bad penetration tests. We understand that not everyone taking a pen test class will want to be a penetration tester. Hence, we have organized this class to be a well-rounded experience, allowing both aspiring red teamers and blue teamers to get the most out of it. This class will provide students with hands-on experience with all phases of a penetration test, from information gathering to reporting.

Class Schedule:

• What does a good pen test look like?

• Pre-assessment activities

• Passive and active information gathering

• Vulnerability analysis in an Active Directory environment

• Exploitation

• Post exploitation

• Lateral movement

• Domain privilege escalation

• Reporting

A Note to Prospective Students: An introductory penetration testing class like this will only be beneficial to students who intimately know computer networking and have Active Directory administration experience. Existing experience with Windows command line, Linux administration, and Active Directory is highly recommended. For example, students should know how a packet traverses from point A to point B on the OSI model, and what HTTP GET and POST requests look like. Students should have hands-on experience creating domain users in Active Directory and/or setting up a domain controller. Students should be comfortable with the Linux command line as our primary attack host will be Linux-based. Students should bring a laptop capable of running a Kali Linux VM and connecting to a wireless network. A VirtualBox image of customized Kali Linux will be provided a week before the class begins. Instructors will not provide support for VMWare, Parallels, Hyper-V, or other virtualization platforms.

Requirements

• Feel free to use a VM of your choice (I prefer Kali Linux https://www.kali.org/get-kali/)
  • Please ensure the VM has the following tools at minimum:
    • Nmap (sudo apt install nmap)
    • Crackmapexec (pre-installed in Kali)
    • Proxcychains (pre-installed in Kali)
    • Impacket framework (sudo apt install impacket-scripts)
    • Bloodhound and Neo4j (sudo apt install bloodhound will install both)
    • Python-Bloodhound ingestion script (https://github.com/fox-it/BloodHound.py)
    • John the Ripper (Hashcat if you prefer and have GPU – both pre-installed in Kali)
    • Evil-WinRM (sudo apt install evil-winrm)
    • Rubeus (https://github.com/GhostPack/Rubeus)
      • We will provide a precompiled version, though compiling one yourself will provide good practice. Bonus points if you get it past Defender by obfuscating it through https://github.com/mkaring/ConfuserEx.
• The VPN profile needed to connect to the lab environment will be provided the day of the training. You will have week-long access to the lab.

We strongly recommend using a personal device for training. While we will do everything from a Virtual Machine to avoid leaving any malicious tools on your host, corporate devices tend to block access to or the use malicious tools/sites (for a good reason). Please ensure that the device you bring meets the following requirements:

• Virtualization is enabled and you have a working Kali Linux VM running.
  • You’ve logged in to the VM using default credentials of kali:kali
• Firewall or other security controls won’t prevent your device from reaching out to
  • Kali.org, Kali.download, and http.kali.org
  • Github.com
  • https://raw.githubusercontent.com
  • pypi.python.org
  • pypi.org
  • pythonhosted.org

This is not an entry-level IT/Tech class. Penetration testing is a specialization within technology fields. You are expected to be comfortable with Linux and Windows to do well in this class. We will be using Kali Linux as our primary attack platform. You will be navigating the filesystem using the command line, installing software using apt-get and Python-pip, cloning GitHub repositories using git, etc. On the Windows side, you will be attacking an Active Directory environment and exploiting configurations, not missing patches. So, it will help to be familiar with Active Directory user and device management. Should you need some resources to help you prepare, please let me know, and I will be happy to recommend them. I generally find https://tryhackme.com/ has valuable resources around preparing for a penetration testing class or role. I specifically like the following:

• https://tryhackme.com/path/outline/presecurity Sections 2 (Networking Fundamentals), 3 (How the Web Works), 4 (Linux Fundamentals), and 5 (Windows Fundamentals)
• https://tryhackme.com/room/activedirectorybasics (Paid and totally worth the cost – Or see if your Active Directory admins will let you tag along for a day or two)