A Year in the Red
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore the latest advancements in red team tactics from the past year in this conference talk from HITB Security Conference. Delve into public research and MDSec's ActiveBreach team findings, covering domain fronting techniques for evading proxy categorization, methods for exploiting ADFS endpoints to penetrate corporate environments, and strategies to bypass expensive malware protection sandboxes. Gain insights from real-world examples, demonstrations, and war stories illustrating both successes and failures in the field. Conclude with predictions for offensive and defensive trends in the coming year, presented by experienced security professionals Dominic Chell and Vincent Yiu.
Syllabus
Introduction
Link Sniper
Federation
Skype Support Account
Categorization
Chameleon Demo
Blue Coat Demo
Malware Analysis
Fire IPS
File Types
Predefined Guest Images
Spawn Chains
Bypassing Regs
Power DNS
Power DNS Demo
Domain Fronting
Examples
Drawbacks
Domain Fronting Demo
Lateral Movement Diagram
Poll Results
Bloodhound
Graph
ACLs
Angry Puppy
Angry Puppy Demo
Whats Next
Thanks
Questions
Taught by
Hack In The Box Security Conference
Related Courses
Browser Hacking With ANGLEHack In The Box Security Conference via YouTube Can A Fuzzer Match A Human
Hack In The Box Security Conference via YouTube Biometrics System Hacking in the Age of the Smart Vehicle
Hack In The Box Security Conference via YouTube ICEFALL - Revisiting A Decade Of OT Insecure-By-Design Practices
Hack In The Box Security Conference via YouTube Fuzzing the MCU of Connected Vehicles for Security and Safety
Hack In The Box Security Conference via YouTube