Jonas Bülow Knudsen
My name is Jonas, and I am working as a Product Architect at SpecterOps. I enjoy writing ugly code to solve real and imaginary technical problems in the offensive and defensive security space. In my daily tasks, I investigate attack vectors to determine how they can be implemented in BloodHound.
I have a background as a security consultant working with customers to harden their AD and Windows infrastructure, and I have practical experience fixing and breaking customer environments with security measures such as AD tiering, Protected Users, IPSec, and disabling NTLM.
Session
Microsoft asserts that the Active Directory (AD) forest is a security boundary, implying that cross-forest trusts do not grant administrative control over another forest; however, misconfigurations and permission delegations can erode this boundary, exposing hidden attack paths. In this talk, we will uncover how to identify and abuse these attack paths across AD forests.