Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Circumventing the Guardians - How the Security Features in State-of-the-Art TLS Inspection Solutions Can Be Exploited for Covert Data Exfiltration

Black Hat via YouTube

Overview

Explore a new stealthy method of data exfiltration that bypasses security solutions designed to detect such attacks in this 26-minute Black Hat conference talk. Delve into the SNIcat exfiltration technique, which circumvents security perimeter solutions performing TLS inspection. Learn about TLS inspection devices, simple TLS handshakes, command and control structures, agent functionality, traffic capture methods, and core operational aspects of this technique. Examine potential mitigation and detection strategies, and witness a practical demonstration of the Sneakout tool in action. Gain valuable insights into advanced cybersecurity threats and defensive measures from speakers Matteo Malvica and Morten Marstrander.

Syllabus

Introduction
Who am I
Agenda
Background
Snicket
TLS Inspection Devices
Simple TLS handshake
Whats next
Command and Control
Agent and C2
Traffic Capture
Core Functionality
Mitigation Detection
Conclusion
Sneakout
Demo Environment
Demo Client
Outro

Taught by

Black Hat

Reviews

Start your review of Circumventing the Guardians - How the Security Features in State-of-the-Art TLS Inspection Solutions Can Be Exploited for Covert Data Exfiltration

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.