ClickOnce Exploitation: One-Click Network Foothold - AppSec California 2016

Explore the security implications of ClickOnce deployment technology in this AppSec California 2016 conference talk. Discover how ClickOnce, a fast and easy software deployment solution, can be exploited by malicious actors to gain a foothold in networks. Learn about a new methodology combining ClickOnce technology with phishing techniques to establish an initial presence in an environment with minimal user interaction. Gain insights into the "one click" approach that allows attackers to pivot and escalate their access. Delve into topics such as certificate signing, trust architecture, PowerShell, Veil evasion, and command and control setup. Watch a live demo showcasing the creation of a malicious ClickOnce application using Visual Studio, and understand preventive measures like registry settings and Smart Screen. This 40-minute presentation by Ryan Gandrud, a senior security consultant at NetSPI, offers valuable knowledge for cybersecurity professionals and IT administrators concerned with secure software deployment.