Tools of the Chain: Part 2 presented at BSidesHarrisburg 2019

by Charles Sgrillo,

Summary : Both theory and hands on demos will be used throughout the presentation to provide real world examples of:Reconnaissance – What can adversary’s find out through both passive and active information gathering techniques.Weaponization – A hands on overview of the tools & techniques used to create weaponized payloads.Delivery – An overview of popular social engineering and phishing frameworksExploitation – Attendees will follow along as we complete the diskless exploitation of a victim machineInstallation – Overview of techniques used to install malware and bypass egress controls for C2 communicationCommand & Control – Popular C2 frameworks will be discussed and demonstratedExfiltration – An overview of steganography and a demo of a DLP bypassing data exfil technique.