Discover simple yet effective red teaming techniques in this conference talk from NorthSec. Learn how to improve USB key drop success rates, reduce command and control discoverability, leverage Outlook for social engineering, and implement other easy hacks that can significantly impact assessment outcomes. Explore topics such as movie-inspired USB key tactics, Milgram experiments, RSA token exploitation, email tricks, magnetic viewing film usage, blueprint acquisition, employee manipulation, command and control hosting, OCR exfiltration, encrypted file handling, USB key bypass methods, spoofing techniques, and automated service exploitation. Gain confidence in conducting red team engagements and be inspired to build upon these practical strategies for enhancing your cybersecurity assessment skills.
Overview
Syllabus
Introduction
USB Key Drop
Movies
USB Keys
Milgram
RSA Tokens
Stupid Email Tricks
Oh a B
Wait for files
Magnetic viewing film
Getting blueprints
Employees That Buy
Command Control
Host CNC
Gupt
OCR
Exfiltration
Encrypted Files
USB Key Bypass
Generalization
How to spoof
Automated taxi services
Automated energy providers
Rubber Duckies
App Tiny 85
Wireless Keys
Taught by
NorthSec
