Presented at
DEF CON 33 (2025),
Aug. 9, 2025, 1 p.m.
(45 minutes).
Proxies, along with local, reverse, and dynamic forwards, enable red teams to maintain persistent access and move laterally within target environments. By combining these techniques, operators can construct sophisticated attack chains that enable deep network access through multiple segmented environments. This presentation will dive into the setup, usage, and attacker techniques required to be effective with proxies. To demonstrate these techniques, the presenters will use a publicly available tunneling toolkit, Messenger.
Presenters:
-
Kevin Clark
- Red Team Instructor at BC Security
Kevin Clark is a Security Consultant with TrustedSec and a Red Team Instructor with BC Security, with a diverse background in software development, penetration testing, and offensive security operations. Kevin specializes in initial access techniques and Active Directory exploitation. He has contributed to open-source projects such as PowerShell Empire and developed custom security toolkits, including Badrats and Ek47. A skilled trainer and speaker, Kevin has delivered talks and conducted training sessions all over the country at cybersecurity conferences, including Black Hat and DEF CON, and authors a cybersecurity blog at https://henpeebin.com/kevin/blog.
-
Skyler Knecht
Skyler is a Senior Security consultant at SpecterOps, where he performs security assessments for Fortune 500 organizations. With over six years of experience, he focuses on initial access research and contributes to the security community through open-source development and conference presentations. Skyler has presented at DEF CON and BSides and actively collaborates on open-source projects such as Messenger, Ek47, Connect, and Metasploit. He also conducts vulnerability research, having discovered multiple zero-day vulnerabilities in enterprise software.