In this talk, drawing inspiration from the phrase "The One That Gets Away," we will delve into innovative strategies and techniques employed by Red Teams to facilitate initial access. Creating effective payloads with consideration of user experience for stealth. The goal of this talk is to provide additional tradecraft for red teams and for defender to gain awareness of these tactics. The speaker will cover the Initial payload development section with concealment. Ian will also cover techniques for making payloads more reputable, which is crucial in increasing the odds for their effectiveness.
At the end of this talk will unveil ingenious techniques that go beyond traditional credential dumping, aiming to obtain sensitive credentials by luring users to willingly input their information. Through carefully crafted scenarios and engaging user experiences, we will demonstrate how seemingly safe actions can lead to unintentional disclosure of valuable credentials without the use of credential dumping techniques, and initial situational awareness considerations before executing later phases of the red team exercise.
23 сен 2024