IT-Defense 2025Hacking and Hardening of Windows Infrastructures

Hacking and Hardening of Windows Infrastructures (IT-Defense Edition)

Instructors: Hagen Molzer, Constantin Wenz

Duration: 2 days -  February 10 - 11, 2025

This two-day version of our “Hacking and Hardening of Windows Infrastructures” training covers the security of Windows infrastructures as they are typically operated in corporate networks today. The focus will be on the use of Microsoft’s directory service Active Directory.

First, our experienced trainers will talk about the basics of how this directory service works (e.g., protocol basics). Then, selected attack vectors will be discussed, demonstrated or practically abused by the participants in hands-on exercises. In doing so, the participants are also going to learn how to use open-source hacking tools, with the aim of finding vulnerabilities in their own infrastructure in order to fix them.

During the training, we will discuss typical threat scenarios in Active Directory infrastructures. You will find out how implementing the Microsoft tier model (aka enterprise access model), which serves as a basis for a concept for secure infrastructure administration, allows you to significantly reduce the existing attack surface.

For our IT-Defense edition, we have reduced this training, which usually lasts three days, by one day and omitted the Entra ID contents.

Our training environment enables you to get to know relevant configuration settings and how to handle selected tools. We use common, freely available hacker tools to demonstrate the effects of individual hardening measures and features. During the training, each participant can use a laptop with various pre-installed tools.

Target group:
Administrators, SOC members, blue team or red team members and (project) managers responsible for Windows administration.

The participants should have solid administration experience in the Windows environment. Basic experience in the administration of Active Directory as well as knowledge about common attacking tools and vectors are an advantage if you want to have the biggest training effect.

The following resources can be used in the run-up to the training in order to familiarize yourself with typical attacking techniques: (“Active Directory” section) (“Active Directory & Kerberos Abuse” and “Credential Access & Dumping” sections)

The exercises require the use of command-line tools such as PowerShell and of common administrative tools from the Active Directory environment. Where necessary, our trainers are happy to assist with the use of attacking tools and Microsoft tools. The exercises are set up in multiple levels, which means that, on the one hand, even experienced Windows administrators will still be challenged, while it is on the other hand made possible for beginners to reproduce the solution of each exercise using the sample solutions that are being provided.

Price: € 2.100

Date: February 10-11, 2025

The Westin Leipzig Hotel
Gerberstraße 15
04105 Leipzig
Tel.: +49 341 988-0