Webinar (2025) — Introducing RelayInformer: Identifying EPA Enforcement for Multiple Protocols
Introducing RelayInformer, a tool for identifying Extended Protection for Authentication (EPA) enforcement across multiple protocols.
PRESENTATIONS
Troopers (2024) — Relay Your Heart Away: An OPSEC-Conscious Approach to 445 Takeover
An OPSEC-conscious methodology for SMB 445 takeover via NTLM relay attacks, presented at Troopers 2024.
x33fcon (2024) — Relay Your Heart Away: An OPSEC-Conscious Approach to 445 Takeover
An OPSEC-conscious methodology for SMB 445 takeover via NTLM relay attacks, presented at x33fcon 2024.
BlackAlps (2023) — Sideloading Serenade: A Symphony Of .NET Payload Techniques
A deep dive into .NET payload sideloading techniques, presented at BlackAlps 2023.
Texas Cyber Summit (2023) — Sideloading Serenade: A Symphony Of .NET Payload Techniques
A deep dive into .NET payload sideloading techniques, presented at Texas Cyber Summit 2023. Recording not yet available.
BSides Austin (2023) — Bypass Client Side Posture Checks w/ Patching and Hooking
Techniques for bypassing client-side posture checks using memory patching and API hooking, presented at BSides Austin 2023. Internal recording.
Wild West Hacking Fest (2022) — Less SmartScreen More Caffeine: ClickOnce (Ab)Use for Trusted Code Execution
Abusing ClickOnce deployment for trusted code execution while bypassing SmartScreen, presented at Wild West Hacking Fest 2022.
DEF CON 30 (2022) — Less SmartScreen More Caffeine: ClickOnce (Ab)Use for Trusted Code Execution
Abusing ClickOnce deployment for trusted code execution while bypassing SmartScreen, presented at DEF CON 30.