BEGIN:VCALENDAR VERSION:2.0 PRODID:Data::ICal 0.24 BEGIN:VEVENT DESCRIPTION: 'Title: Modifying Impacket for Better OpSec\n When: Friday \, Aug 9\, 11:00 - 12:59 PDT\n Where: LVCC West/Floor 1/Hall 4/HW4-03-05 /ADV stage - [1]Map\n\n Description:\n\n Operational security (OpSec) is a cornerstone in red teaming\,\n necessitating continuous refinement of tools and techniques to avoid\n detection. This workshop is designed for new red team operators and\n individuals seeking to enhance their of fensive capabilities. It\n focuses on customizing the Impacket toolset†”a collection of Python\n classes for working with network protocols—t o improve OpSec during\n engagements. Impacket tools such as wmiexec\, s mbexec\, and secretsdump\n are staples in the toolkit of any red teamer due to their versatility\n and power in gaining access and extracting se nsitive data from Windows\n environments. However\, their detectability has increased as defensive\n measures have become more sophisticated. Th is session proposes\n modifications to these tools to reduce their footp rint and evade\n modern security defenses. Participants will explore var ious\n customization strategies\, including altering network signatures\ ,\n timing attacks to evade detection\, and integrating stealthier\n a uthentication methods. Practical exercises will guide attendees\n throug h the process of modifying the Impacket scripts\, demonstrating\n how th ese changes can significantly enhance operational security in\n simulate d environments.\n\n SpeakerBio: Ryan O'Donnell\, Senior Offensive Secur ity Engineer at\n Microsoft\n\n Ryan O'Donnell is an Offensive Securit y Engineer at Microsoft. Over\n the last 13+ years\, Ryan has been perfo rming Penetration Tests\, Red\n Team assessments\, and Incident Response investigations. Ryan has\n conducted hands-on workshops at Hack Space C on and Bsides Nova. Ryan\n has a Masters in Cybersecurity from GMU and t he following\n Certifications: OSCP\, OSEP\, CRTO\, GREM\, GCFE\, GCIH\, CRTO\n\n '\n\n 1. #LVCCW_Level1_Hall4\n\n\n DTEND:20240809T195900Z DTSTART:20240809T180000Z LOCATION:ADV - LVCC West/Floor 1/Hall 4/HW4-03-05/ADV stage SUMMARY:Modifying Impacket for Better OpSec END:VEVENT END:VCALENDAR