Mohammad Khreesha

Cybersecurity Consultant at Technawi

Application & Network Security

Session Title | Hacking Active Directory for Fun & Profit

"Active Directory is heavily used for users and IT assets orchestration in companies, institutions, and government agencies. It became elementary service to ease the privileges management.

Hacking and attacking this service is a major threat to these entities, as it has sensitive information about them. This workshop aims to cover the most important techniques and methods through which Active Directory is hacked and explain the best practices that can be applied to reduce the attacks on it.

In this workshop, I will cover topics such as:
- Introduction to Active Directory
- Enumerating Active Directory
- Privilege Escalation Techniques
- Kerberos Attacks & Defense
- Cross Trust Attacks
- Credential Replay Attacks
- Persistence
- AD Defensive Techniques
- ... and more

Note : There will be some practical examples for these techniques during the workshop."

"Mohammad Khreesha, a Cybersecurity Professional, Youtuber, blogger, and public speaker from Jordan with +13 years of experience in IT especially in Security. He is OWASP Amman Chapter Leader and Co-Founder of technawi blog, founder of JISCTF which is the first CTF in Jordan with more 150+ yearly participants.

His research interests in digital forensics, malware Analysis, web & network security, and their integration with AI. He has a YouTube channel in which he publishes training courses and tips in Cybersecurity field to feed the Arabic content on the internet."