YoVDO

ClickOnce and You're in - When Appref-ms Abuse is Operating as Intended

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses Application Deployment Courses Lateral Movement Courses

Course Description

Overview

Explore the intricacies of .appref-ms files and their potential for malicious exploitation in this 25-minute Black Hat conference talk. Dive deep into the functionality and operation of these files, uncovering methods to leverage them for nefarious purposes. Gain insight into the user experience during execution and learn additional techniques to enhance and conceal malicious capabilities. Examine topics such as ClickOnce technology, application deployment, lateral movement, and command and control management, complete with a live demonstration. Walk away with three key takeaways to better understand and defend against this potential security threat.

Syllabus

Intro
Speaker Introduction
The End of the Golden Age
A New Light Arises
A ClickOnce Summary
Application Deployment
Lateral Movement Rundown
C2 Management - Demo
3 Takeaways


Taught by

Black Hat

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network