Главная
Study mode:
on
1
Introduction
2
Retooling in the Field
3
Strategic Goals
4
Technical Goals
5
Slim payload delivery
6
Current options
7
NET Managed Code
8
Managed Execution Toolkit
9
What is NET
10
CodeDom
11
Whats Needed
12
Goal
13
Reflective Load
14
Invoke Contract
15
Code Cradle
16
CSX Extensions
17
Create Namespace
18
Code as Data
19
cfir
20
Process Manager
21
Limitations
22
Application Domains
23
Interrupt
24
Evasion
25
Interop
26
Start a process
27
Dynamic interrupt
28
Dynamic load
29
Dynamic compile
30
Flexible solution
31
Dynamic DLR
32
What is Dynamic DLR
33
What is Dynamic DLR used for
34
Code Reflection
35
PowerShell
36
Python
37
IronPython
38
DLR
39
DLL
40
Dynamic Python Files
41
CLR
42
CTypes
43
Delivery of Code
44
Typhoon
45
Other evasion mechanisms
46
How it works
47
Net Modules
48
Dynamic Net Modules
49
Hiding things into memory
50
Invoke Python
51
Shellcode
52
Memory Map
53
C Shellcode
54
C Python
55
C PowerShell
56
Python for Development
57
Alpha
58
Outro
Description:
Explore advanced techniques for developing flexible and secure .NET-based offensive toolkits in this conference talk from NorthSec. Learn how to maintain operational agility and overcome static defensive mechanisms through dynamic code compilation, reflective .NET DLR, and on-the-fly access to native Windows API. Discover methods for hiding sensitive execution aspects in managed code memory using the DLRium Managed Execution toolkit. Gain insights into OpSec lessons, slim payload delivery, and evasion mechanisms. Dive deep into topics such as CodeDom, reflective loading, application domains, dynamic interrupts, and memory mapping. Understand the strategic and technical goals of retooling in the field, and how to leverage various programming languages like C#, Python, and PowerShell for effective red team operations.

Quick Retooling with .NET Payloads

NorthSec
Add to list
#Conference Talks #NorthSec #Information Security (InfoSec) #Red Team #Cybersecurity #Offensive Security
0:00 / 0:00
1 of 58

Introduction