Cracking the Perimeter with SharpShooter - Dominic Chell - Hack in Paris - 2019

Explore advanced payload generation techniques for red team engagements in this 42-minute conference talk from Hack in Paris. Learn how to bypass next-generation endpoint protections, including Cylance, Palo Alto TRAPS, and FireEye, using the open-source SharpShooter framework. Discover methods for profiling organizations, circumventing static analysis on disk, in-memory, and across networks, and evading sandboxing through payload keying. Delve into novel scriptlet execution techniques using XML stylesheets, COM, and application whitelisting bypasses. Gain insights into targeting Skype for Business, understanding signature-based detection, and leveraging various payload delivery methods such as HTML smuggling and DLL hijacking. Examine the MSZM architecture, OMSI, and Squiggly Calm staging workflow for enhanced evasion. Conclude with a discussion on detection prevention strategies and tradecraft considerations for red teamers.