Stephen Bradshaw
Stephen Bradshaw has worked in the cyber security field for almost 20 years in both internally and externally facing roles, across Government as well as the private sector. His current focus includes work such as pentesting, vulnerability hunting, purple and red teaming, working on cyber security incidents and building, designing and maintaining offensive security systems and tools.
Session
The talk will cover:
* How Active Directory (AD) and LDAP are interrelated.
* The types of AD information that can be gathered from LDAP and the security relevance.
* What AD enumeration tools make use of LDAP, how do they work and what are their limitations.
* How you can identify AD domain controllers on an unfamiliar network.
* What are the specific network access and authentication requirements for connecting to AD via LDAP.
* Common approaches to detect LDAP enumeration and potential detection bypasses.