BADMIN: (Ab)using Legitimate Sysadmin Tools for Offense

  • Wednesday, 4 November, 2015 | 11.30 – 12.20 hrs | Level 1 | Room: M 001

View all Sessions

Once attackers gain access to a network, they tend to reconnoiter, elevate privileges and pillage. Antivirus can be a problem for them, but attackers increasingly use legitimate sysadmin tools to perform their post-access operations. This session surveys the tools, offers real-world examples of their use, and presents recommendations to help defend against these sophisticated attacks.


This document was retrieved from on Mon, 18 Feb 2019 07:59:54 -0500.