Explore an innovative Windows persistence technique called the Suborner Attack in this conference talk from the Hack In The Box Security Conference. Discover how attackers can create hidden machine accounts with custom credentials and properties, bypassing traditional detection mechanisms. Learn how this method allows for stealthy impersonation of any account without triggering common security alerts. Witness a live demonstration of the attack against the latest Windows version, showcasing its effectiveness in evading detection. Gain insights from security specialist Sebastián Castro, an experienced pentester, red teamer, and vulnerability researcher, as he shares his expertise on this advanced persistence technique. Understand the implications for Windows security and potential countermeasures against this sophisticated attack vector.
Suborner - Windows Bribery for Invisible Persistence
Hack In The Box Security Conference via YouTube
Overview
Syllabus
#HITB2022SIN Suborner: Windows Bribery For Invisible Persistence - Sebastian Castro
Taught by
Hack In The Box Security Conference
Related Courses
-
Stable 26 RID Hijacking - Maintaining Access on Windows Machines
-
Complete Ethical Hacking Bootcamp
-
Exploiting Windows Automatic Wireless Association
-
Stable 25 SharPersist Windows Persistence Toolkit in C
-
In NTDLL I Trust - Process Reimaging and Endpoint Security Solution Bypass - E. Carroll - Hack in Paris - 2019
-
API Security Through External Attack Surface Management
