Ethical Hacking Laboratory (HackingLab)

The HackingLab creates an environment where students can try to attack or hack different systems. This is a great opportunity to apply theoretical knowledge in practice. We operate the laboratory together with our industry partner NN Group.

What we do

The laboratory’s primary goal is to support the development of young specialists in IT security. Using the laboratory’s software tools, students can increase their expertise and learn to protect assets in the commercial sector.

Ethical hacking is used by security experts to protect systems and detect their weaknesses in order to prevent attack. The aim of ethical hacking is to simulate activities of real hackers by searching for weaknesses in the systems in order to increase their security. This activity is legal and ethical, and is usually carried out in cooperation with owners or administrators of the system.

Head of the laboratory

Ing. Jiří Dostál, Ph.D.

Members of the laboratory

prof. Ing. Róbert Lórencz, CSc.

Head of the Department of Information Security

Equipment

Currently, the laboratory has 4 computers, of which one has the SIEM software for monitoring and assessment of security incidents. The other three are used for virtualization of different servers that are made vulnerable on purpose. The aim is to practice and demonstrate offensive security.

The lab’s activities are focused on these topics

Information Security

Publications

Active Directory Kerberoasting Attack: Monitoring and Detection Techniques

Authors
Kotlaba, L.; Fornůsek, S.; Lórencz, R.
Year
2020
Published
Proceedings of the 6th International Conference on Information Systems Security and Privacy. Madeira: SciTePress, 2020. p. 432-439. ISSN 2184-4356. ISBN 978-989-758-399-5.
Type
Proceedings paper
DOI
10.5220/0008955004320439
Departments
Department of Information Security
Annotation
The paper focus is the detection of Kerberoasting attack in Active Directory environment. The purpose of the attack is to extract service accounts’ passwords without need for any special user access rights or privilege escalation, which makes it suitable for initial phases of network compromise and further pivot for more interesting accounts. The main goal of the paper is to discuss the monitoring possibilities, setting up detection rules built on top of native Active Directory auditing capabilities, including possible ways to minimize false positive alerts.

Contact person

Ing. Jiří Dostál, Ph.D.

Where to find us

Ethical Hacking Laboratory
Department of Information Security
Faculty of Information Technology
Czech Technical University in Prague

Room TH:A-957 (Building A, 9th floor)
Thákurova 7
Prague 6 – Dejvice
160 00

The person responsible for the content of this page: doc. Ing. Štěpán Starosta, Ph.D.