Attacking and Defending Windows Group Policy

Darren (aka, the “GPOGUY”) explores all the ways you can use Group Policy for assessing an organization’s security posture, escalate privileges and use GP as a “malware delivery vehicle”. He’ll also look at techniques for defending against this.

Windows Group Policy is a powerful, ubiquitous and complex technology that has been deployed in most AD environments over time for a variety of tasks. As a result of this complexity, most GP deployments are subject to abuse by attackers for discovering how a Windows environment is secured and where it can be compromised at both the AD and client level. In this talk, Darren will explore all the ways he’s documented for using Group Policy to help move laterally, escalate privileges and compromise client systems. He’ll also share some tools he’s developed for making these tasks easier.

About the Speaker