ROOTCON 17 will be on September 27, 28 & 29, 2023 at Taal Vista Hotel in Tagaytay.
Active Directory Pentesting
Active Directory (AD) is the driving force behind enterprises, as it is utilized by more
than 90% of Fortune 1000 companies. Despite its ubiquity, many security professionals
and administrators face challenges in addressing AD security due to a substantial
This course aims to assist security professionals in comprehending, examining, and
practicing threat mitigation and attack strategies in a contemporary Active Directory
We discuss various topics, including AD enumeration, the tools that can be used for it,
domain privilege escalation, domain persistence, Kerberos-based attacks such as
Golden ticket and Silver ticket, ACL issues, SQL server trusts, etc.
The course offers valuable insights for individuals at all levels, whether they are
beginners, red team members, penetration testers, or blue team members.
- Basic knowledge of PowerShell
- Familiarity with the Windows operating system
- Basic understanding of Active Directory.
- Ability to use command line tools.
Red teamer or blue teamer, Penetration tester & Security Professionals.
Senior Security Researcher at INE. Prior to joining INE, He was working
as a senior security researcher at Pentester Academy (Acquired by INE). He has 10+ years of
experience in Network and Web Application Security. He has also worked with the state law
enforcement agencies in the capacity of a Digital Forensics Investigator and was instrumental in
solving IT fraud/crime cases. He has presented/published his work at Blackhat, DEFCON
USA/China, Wireless Village and IoT village. He has contributed to many innovative research
projects like Chigula (WiFi Forensics Framework) and Chellam (First pure WiFi Firewall)
frameworks, and created multiple projects like Vulnerable Web Application OSes, Vulnerable
Router Project and Damn Vulnerable Wordpress. His areas of interest include Advanced
Pentesting, Forensics, WiFi and AD security.
Attacking Serverless Applications
With the advent of serverless computing, the developers no longer have to worry about servers.
The infrastructure management tasks like capacity provisioning, patching, etc. are handled by
the cloud service provider allowing developers to focus only on writing the code.
Serverless architecture is said to be more secure compared to traditional architecture. However,
this does not mean that attacks cannot be performed on it. This training is designed to provide
cybersecurity/cloud professionals with an understanding of how serverless computing works
and the various security risks that can arise in serverless environments.
Participants in the training will learn about the different components of serverless architectures,
such as APIs, event triggers, and serverless functions, and how these components can be
attacked. This training is focused on attack vectors on the AWS serverless application stack.
The class will be conducted on our cloud-based, state-of-the-art lab platform where attendees
will be doing lab exercises in class! Over 90% of class time will be spent on these hands-on
labs! Unlike most cloud trainings, the attendees will not have to set up any resources on their
- Basic knowledge of computers and networking
- Familiarity with the Linux operating system
- An AWS Account (Free Tier Eligible account will suffice)
Pentesters, Developers, Cloud Administrators, AWS Security Enthusiasts and Researchers.
Infrastructure Lead, Lab Platform at INE with strong roots in Cloud, Linux,
and Web Application Security. He has published his work in BlackHat USA/ASIA, Defcon
DemoLabs and has been a co-trainer in Cloud Security and Network Penetration testing
training. He has led teams for various national-level hackathons, including the Smart India
Hackathon conducted by GoI. His areas of interest include Advanced Pentesting, Cloud
Security, Malware Analysis, Cryptography, Web Application Security, and AD Security.