Position summary


Alsid being experts in Microsoft Active Directory security, we are looking for an intern specialized in IT security and who loves offensive research projects.

During your internship, you will be in charge of a technical study about the security of Microsoft Managed Service Accounts. As a new feature introduced in the 2008R2 version of Windows Server, it enables automatic authentication secrets renewal for specific user accounts. Your study will determine weak points in the protocol design or its implementation and propose tools to demonstrate how to circumvent their primary functionalities.

Results of your research will be integrated in Alsid's products and might be publicly published. As such, you will be supervized by multiple senior security researchers, who have already presented in a few international conferences (such as BlackHat USA).

Responsabilities & Technical Qualifications


What you’ll do:

  • Build a test infrastructure using Windows Server 2016 in order to study Managed Service Accounts deployment and inner workings
  • Deep study of the protocol specifications, and most notably the automatic password renewal part used by the Managed Service Accounts
  • Retro-engineer of the Managed Service Account implementation libraries in order to find potential vulnerabilities
  • Implement proof-of-concept tools to demonstrate what you've found
  • Formalize your work in a scientific paper that you could present in a security conference

What you might look like:

  • System architecture deep knowledge (process implementations, libraries, access control, ...)
  • Authentication protocols (NTLM, Kerberos, ...) good base
  • Standard attack technics (pass-the-hash, pass-the-ticket, responder, golden ticket, ...)
  • Remote administration protocols (RPC, WinRM, WMI, ...)
  • Complex technical project working capability
  • Development tools basic knowledge (Git, Docker, ...)
  • Security deep-research tools (IDA, WinDBG, Wireshark, ...)
  • Microsoft development environment lure (Visual Studio, Azure, ...)
  • Scripting language basic knowledge (PowerShell, Python, ...)
  • Good verbal and written capabilities

Practical aspects


 Salary:

  • Stimulating compensation

 Position:

  • Full-time job

 Location:

  • Paris, France (Alsid Offices, rue d'Aboukir)

Start your application now

Help us shape to future of information security