I was lucky to be offered the chance to begin as a cybersecurity intern at EY. It is a big four firm that specializes in providing services to organizations, with a focus on government and financial institutions.
During my internship, I worked for three months on a very thorough research paper about the bugs and flaws in a Windows Active Directory setting. We came up with the following research question:
"What are the most common vulnerabilities exploited by malicious actors within an Active Directory environment and how can these be mitigated?"
Since I did not choose a topic from EY's predefined list of internship topics, this research question was personalized to my own desires. I was permitted to choose my own topic based on my personal preferences. I had previously informed the internship mentor that I wanted to improve my Windows penetration skills, and this research topic fit the bill perfectly.
I created an action plan during the first phase of my internship to set my goals and ensure the project was realistically feasible. I reflected the company I worked for (EY), the project and research question we formed and the added value for the company. I went on to outline my strategy in terms of preparation and how advice would be offered to me.
The objective I focused on during my internship was my Bachelor's thesis, which can be found below. I made a list of the top five vulnerabilities in Windows Active Directory that I chose to investigate and came up with the following five topics:
Silver Ticket Attack
Golden Ticket Attack
2. Group Policy Misconfigurations
3. Domain Controller Synchronization (DCSync)
4. Token Impersonation
I thoroughly researched each topic, describing to the reader how the protocols operate, why the vulnerabilities exist, how to exploit them, how to detect them and finally, how each one can be mitigated or prevented. Feel free to read my Bachelor's thesis below.