Hack Red Con 2024
-
Doors, Cameras, and Mantraps: Oh, my!
Dylan "The Magician" Baklor
-
End the Burnout - 3 things your CISO wishes you knew.
Mark Thacker
-
Registration Opens
Oct. 25
-
Opening Ceremony
Oct. 25
-
Keynote Round Table - Ed Skoudis, Dave Kennedy, Ken Nevers, Amanda Berlin
Oct. 25
-
Intro to Infrastructure Automation for Offensive Security
Alex MartirosyanOct. 25
-
Securing Derby 150
Jason PaytonOct. 25
-
CISO Roundtable
Oct. 25
-
Creating Intelligence From Malware Samples
Jon "Wally" Prather and Jeff SmealOct. 25
-
Reframing the “Success” of an Offensive Test: Taking a Risk-Based Approach
Celina StewartOct. 25
Jake “Hubble” Krasnov
Jake "Hubble" Krasnov is the Red Team Operations Lead and Chief Executive Officer of BC Security. He has spent the first half of his career as an Astronautical Engineer overseeing rocket modifications for the Air Force. He then moved into offensive security, running operational cyber testing for fighter aircraft and operating on a red team. Jake has presented at DEF CON, where he taught courses on offensive PowerShell and has been recognized by Microsoft for his discovery of a vulnerability in AMSI. Jake has authored numerous tools, including Invoke-PrintDemon and Invoke-ZeroLogon, and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.
https://www.linkedin.com/in/jacobkrasnov/
Anthony "Coin" Rose
Anthony "Coin" Rose, CISSP, is the Director of Security Researcher at BC Security, where he specializes in adversary tactic emulation planning, Red and Blue Team operations, and embedded systems security. He has presented at numerous security conferences, including Black Hat, DEF CON, HackSpaceCon, HackMiami, and RSA conferences. Anthony is the author of various offensive security tools, including Empire and Starkiller, which he actively develops and maintains. He is recognized for his work, revealing wide-spread vulnerabilities in Bluetooth devices and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.
Workshop Description:
IronPython is a powerful and flexible programming language that has been increasingly used by attackers due to its ability to bypass security controls. This practical workshop will explore the inner workings of IronPython and its unique features that enable sophisticated offensive techniques. Participants will gain hands-on experience in developing IronPython payloads that can evade modern security controls and execute malicious code on target systems.
In this workshop we will be covering:
Introduction to IronPython: Understand the basics of IronPython, its installation, and why it's used.
IronPython Syntax and DataTypes: Get comfortable with the fundamental building blocks of IronPython programming.
IronPython and .NET: Explore the power of IronPython and .NET integration, and how IronPython interacts with C#.
IronPython and PowerShell: Learn how to control PowerShell and leverage Runspaces using IronPython.
CLR Hooks for AMSI Bypass: Delve into advanced topics like using IronPython for CLR hooks to bypass AMSI.
Hands-On Exercises: Along with theory, this workshop emphasizes practical application. We will work on multiple exercises, each designed to strengthen your understanding of the core concepts and their real-world application.