A Year in the Red
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore the latest advancements in red team tactics from the past year in this conference talk from HITB Security Conference. Delve into public research and MDSec's ActiveBreach team findings, covering domain fronting techniques for evading proxy categorization, methods for exploiting ADFS endpoints to penetrate corporate environments, and strategies to bypass expensive malware protection sandboxes. Gain insights from real-world examples, demonstrations, and war stories illustrating both successes and failures in the field. Conclude with predictions for offensive and defensive trends in the coming year, presented by experienced security professionals Dominic Chell and Vincent Yiu.
Syllabus
Introduction
Link Sniper
Federation
Skype Support Account
Categorization
Chameleon Demo
Blue Coat Demo
Malware Analysis
Fire IPS
File Types
Predefined Guest Images
Spawn Chains
Bypassing Regs
Power DNS
Power DNS Demo
Domain Fronting
Examples
Drawbacks
Domain Fronting Demo
Lateral Movement Diagram
Poll Results
Bloodhound
Graph
ACLs
Angry Puppy
Angry Puppy Demo
Whats Next
Thanks
Questions
Taught by
Hack In The Box Security Conference
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network