Level: 1337
Abstract:
The presentation showcases two parts of a complex research. Firstly we will take a look over how can Internet Explorer can be weaponized through an OLE object in a Word document to drop & execute a C2 implant. Secondly, we will go for an in-depth technical method of how to build an undetectable (even by EDRs) implant in PowerShell, alongside with the Command and Control server.(Live PoC included)
Bio:
Cristian Cornea is an experienced ethical hacker with a passion for giving back to the community, advocating for real technical skills, and not just “paper security”. His conference talks and community projects are widely known around the globe, BSides Transylvania being one of them. Apart from that, Cristian is a member of the Certified Ethical Hacker (CEH) Scheme Committee, a holder of more than 20 certifications (including OSCE, OSEP, OSWE, CRT), and a global infosec trainer.”