December 2018 Meeting | gt.issa.org - an Information System Security Association Chapter

Nathan Drier led a hands-on workshop showing attendees how attacks can be performed against an organization’s Windows servers and how to detect the attacks. The tools that were used leveraged the Kali operating system (https://www.kali.org/) modules from the MITRE ATT&CK framework (https://attack.mitre.org/). The workshop covered attacks that focus on obtaining admin credentials, lateral movement, privilege escalation, and data exfiltration. Tools and techniques that were used for the attacks were Metasploit, exploit, meterpreter, incognito, impersonate_token, mimikatz, crackmapexec, empire, and more. Tools that were used to detect the attacks were Event Viewer, Log Viewer, and Power Shell.