Developing Highly Effective Payloads

Presented at Kernelcon 2023, April 15, 2023, 2:30 p.m. (60 minutes)

As adversaries become more increasingly sophisticated, it is important for security professionals to understand and stay up-to-date on the tactics and techniques used by attackers. It is crucial for organizations to recognize the threats they face and implement appropriate defenses. We must understand and emulate the tactics used by modern attackers. Understanding such targeted attacks will help to harden our defenses. This talk will demonstrate the process of creating a payload that mimics modern spear phishing payloads, which are highly targeted and often successful in compromising organizations. The goal is to demonstrate a payload that would achieve a high execution rate in an organization. Throughout this talk, we will illustrate the methodology involved in creating and deploying a payload to target an organization. The talk will include a demo where we will explore how to create a payload that can achieve initial compromise in a modern environment with only publicly available tools and scripts.

Presenters:

• Kevin Umsted
  Cyber security analyst in higher education with 8 years of security experience. Experience in penetration testing and adversary emulation. Massive advocate of knowledge sharing withing the information security community.

Similar Presentations:

• Black Hat USA 2022 / ELF Section Docking: Revisiting Stageless Payload Delivery
• DEF CON 22 (2014) / Generating ROP payloads from numbers
• DEF CON 30 (2022) / Hybrid Phishing Payloads: From Threat-actors to You Workshop