No longer can we expect to accomplish all our red team objectives in a flat network consisting entirely of Active Directory-joined hosts. Segregated networks, non-domain joined systems, third-party storage providers, and the growing presence of Unix systems have made exploiting an enterprise much more complicated than simply gaining Domain Admin access. Often, intellectual property, client data, credit card information, and other PII are segregated onto different hosts and environments that cannot communicate with one-another. In this talk, I walk you through the newest methodologies in place to both find and exploit these hidden systems and assets when they are outside the domain.

Brandon Arvanaghi (Associate Consultant at FireEye)
Brandon Arvanaghi (@arvanaghi) is a security consultant at Mandiant, where he has conducted red team operations against several Fortune 500 companies. At Mandiant, he has written tools for webshell detection and malware sandbox evasion. He has also contributed to several large open-source red teaming tools, including PowerShell Empire. Prior to Mandiant, Brandon conducted research on automated attack plan generation.