Practical Payload Hiding in Office Docs

Presented at CackalackyCon 1 (2019), May 31, 2019, 9 p.m. (60 minutes)

Office documents have been an attack vector for a long time, but unfortunately they are still a requirement for most businesses. During this talk, we're going to look at some practical ways to hide data, demonstrate data hiding in Word and Excel documents that could be used for payload smuggling or even data exfiltration. We'll look at how to generate malicious documents, tricks for making them harder to analyze, and how to customize them so that they will be less likely to be detected. We'll also look at some of the ways to detect these techniques, and talk about other areas that might be fun to explore in the future.



Similar Presentations: