Presentations

Presentations

2020

SO-CON 11/20/20

“OffSecOps”  Slides  |  Video
“Buckle It Up (Or Shells Die!)”  Slides  |   Video

 

2019

DerbyCon 9.0 9/7/19

“Not A Security Boundary: Breaking Forest Trusts”  Slides  |  Video 

“Kerberoasting Revisited”  Slides  |  Video 


Black Hat USA 2019 8/8/19

“Finding Our Path: How We’re Trying to Improve Active Directory Security”  Video 


TROOPERS19 3/21/19

“Not A Security Boundary: Breaking Forest Trusts”  Slides  |   Video 


 

2018

DerbyCon 8.0 10/5/2018

“The Unintended Risks of Trusting Active Directory”  Slides  |  Video 


PSConfEU 4/18/18

“Offensive PowerShell Workshop”  Materials  

“Auditing Domain Trust Relationships”


Sp4rkCon 2.0 4/7/2018

“The Unintended Risks of Trusting Active Directory”  Slides


 

2017

DerbyCon 7.0 9/22/2017

“Here Be Dragons: The Unexplored Land of Active Directory ACLs”  Slides  |  Video 

“An ACE in the Hole: Stealthy Host Persistence via Security Descriptors”  Slides  |  Video 


DEF CON 7/28/2017

“An ACE Up The Sleeve: Designing Active Directory DACL Backdoors”  Slides 


Black Hat 7/26/2017

“An ACE Up The Sleeve: Designing Active Directory DACL Backdoors”  Slides  |  Video 


Charlotte ISSA Annual Summit 5/18/2017

Keynote, “Catch Me If You Can: PowerShell Red vs. Blue”


PSConfEU 5/3/2017-5/5/2017

“Catch Me If You Can: PowerShell Red vs. Blue”  Slides  |  Video

“Defending Your Gold” Slides  |  Interview


BSides Nola 2017 4/1/17

“A Case Study in Attacking KeePass”  Slides 


HackCon 2017 2/15/17

“Empire – Your best friend to secure your systems”


BlueHat Israel 1/25/17

“The Travelling Pentester: Diaries of the Shortest Path to Compromise”  Slides


 

2016

DerbyCon 9/23-24/16

“A Year in the Empire”  Slides  |  Video 

“Attacking EvilCorp: Anatomy of a Corporate Hack”  Slides  |  Video 


44CON 9/16/16

“Trusts You Might Have Missed”   Slides  |  Video 


DEF CON 24 8/6/16

“Six Degrees of Domain Admin”  Slides  |  Video


BSides LV 8/3/2016

“Building an EmPyre with Python”  Slides  

“Six Degrees of Domain Admin”  Slides 


BSides Boston 5/21/2016

“Up is Down, Black is White: Using SCCM for Wrong and Right”  Slides


PSConfEU 4/20/2016-4/21/2016

“Building an Empire with PowerShell”   Slides  |   Video

“Offensive Active Directory (With PowerShell!)”  Slides  |  Video


Troopers16 3/16/2016

“I Have the Power(View)”  Slides  |  Video


 

2015

SANS Hackfest 11/16/2015

“Building an Empire with PowerShell”


BSides DC 10/17/15

“Bridging the Gap”  Slides  |  Video 


BSides Las Vegas 8/5/15

“Building an Empire with PowerShell”  Slides  |   Video


CarolinaCon 11 3/20/15

“Drilling Deeper With Veil’s PowerTools”  Slides  |  Video 


BSides Austin 3/13/2015

“I Hunt Sys Admins 2.0”  Slides 


Shmoocon ’15 Firetalks 1/17/2015

“I Hunt Sys Admins”  Slides  |  Video  


 

2014

SANS Hackfest 11/14/2014

The State of the Veil-Framework” Slides  


BSides DC ’14 10/18/2014

“Adventures in Asymmetric Warfare: Fighting the AV Vendors”  Slides  |  Video 


Derbycon 4.0 9/26/2014

“Passing the Torch: Old School Red Teaming, New School Tactics?”  Slides   |  Video 


BSides Augusta  9/13/2014

“Adventures in Asymmetric Warfare: Fighting the AV Vendors”  Slides  |  Video


Defcon 22 8/8/2014

“Veil-Pillage: Post-Exploitation 2.0”  Slides  |  Video 


Blackhat Arsenal  8/6/2014

“The Veil-Framework” (turbotalk)  Slides  


Carolinacon X 5/17/14

“The Veil-Framework”  Slides  |  Video  


BSidesBoston 5/10/14

“Pwnstaller 1.0” Slides 


BSidesBoston Firetalk 5/10/14

“PowerUp: Automating Windows Privilege Escalation”  Slides


BSides Austin 3/21/14

“Wielding a Cortana”  Slides  |  Video 


NovaHackers 3/10/14

“Veil-PowerView: Situational Awareness With Powershell”  Slides 


Shmooon Epilogue 1/20/14

“AV Evasion With the Veil Framework”  Slides  |   Video 


Shmoocon 1/18/14

“AV Evasion With the Veil Framework” Slides  |  Video 

1 thought on “Presentations”

  1. Pingback: Domain User to DA (No Exploits) | idzer0

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.