YoVDO

Payload Delivery for Initial Access in Red Team Engagement

Offered By: Hack In The Box Security Conference via YouTube

Tags

Hack In The Box Security Conference Courses Password Security Courses Attack Surface Management Courses

Course Description

Overview

Explore advanced payload delivery techniques for initial access in red team engagements through this comprehensive conference talk. Delve into strategies for dealing with limited attack surfaces, understanding password changes, and navigating mitigation constraints. Learn about TTP versions and bypasses, and gain insights from a short example. Discover the intricacies of MagicShell code customization and browser exploits. Understand the importance of using valid user agents and implementing strong authentication mechanisms. Emphasize the need for prompt investigation. Witness a practical demonstration that brings these concepts to life, enhancing your understanding of sophisticated red team tactics.

Syllabus

Introduction
Jean Marie Bourbon
Overview
Personal Feedback
How to deal with a limited attack surface
Why did they change the password
Mitigation and constraints
TTP version and bypasses
Short example
Magic
Shell code customization
Browser exploit
Use a valid user agent
Use strong authentication mechanism
Dont wait to investigate
Demo


Taught by

Hack In The Box Security Conference

Related Courses

Browser Hacking With ANGLE
Hack In The Box Security Conference via YouTube
Can A Fuzzer Match A Human
Hack In The Box Security Conference via YouTube
Biometrics System Hacking in the Age of the Smart Vehicle
Hack In The Box Security Conference via YouTube
ICEFALL - Revisiting A Decade Of OT Insecure-By-Design Practices
Hack In The Box Security Conference via YouTube
Fuzzing the MCU of Connected Vehicles for Security and Safety
Hack In The Box Security Conference via YouTube