Developing Highly Effective Payloads

Presented at Kernelcon 2023, April 15, 2023, 2:30 p.m. (60 minutes).

As adversaries become more increasingly sophisticated, it is important for security professionals to understand and stay up-to-date on the tactics and techniques used by attackers. It is crucial for organizations to recognize the threats they face and implement appropriate defenses. We must understand and emulate the tactics used by modern attackers. Understanding such targeted attacks will help to harden our defenses. This talk will demonstrate the process of creating a payload that mimics modern spear phishing payloads, which are highly targeted and often successful in compromising organizations. The goal is to demonstrate a payload that would achieve a high execution rate in an organization. Throughout this talk, we will illustrate the methodology involved in creating and deploying a payload to target an organization. The talk will include a demo where we will explore how to create a payload that can achieve initial compromise in a modern environment with only publicly available tools and scripts.

Presenters:

  • Kevin Umsted
    Cyber security analyst in higher education with 8 years of security experience. Experience in penetration testing and adversary emulation. Massive advocate of knowledge sharing withing the information security community.

Similar Presentations: