S2E07: DerbyCon Edition w/ Carlos Perez & Benjamin Delpy
State of the Hack
English - September 12, 2019 13:14 - 30 minutes - 20.8 MB - ★★★★★ - 28 ratingsTechnology News Tech News fireeye mandiant cybersecurity malware hacker Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: S2E06: APT41 - Double Dragon: The Spy Who Fragged Me
Next Episode: S2E08: DerbyCon Edition with Nate Warfield
In this episode, Christopher Glyer and Nick Carr interview the
Darkoperator (@Carlos_Perez) and Benjamin Delpy (@gentilkiwi) on all
things related to Mimikatz and Kekeo. They discuss Carlos' new class
on Mimikatz, the background on why he started it, how red teamers can
use the features in unique/creative ways, and how blue teamers can
detect the activity. Benjamin shared the background on how he
developed the tools (hint - he didn't read the kerberos RFC), some of
its lesser known capabilities, like cloning near field communication
(NFC) proximity badges, how kerberos golden tickets got their default
10 year lifetime, why you only really need to set the expiration to 20
minutes, and his "creative" documentation (e.g. animated GIF posted to
Twitter).