RiskSense Security Analysts to Unpack Upgrades to Koadic Hacking Toolkit at Black Hat USA 2019

WHO:

Sean Dillon (aka @zerosum0x0), senior security analyst at RiskSense, has years of experience in penetration testing, exploit reverse engineering and malware research especially around the Microsoft Windows kernel. Sean is a co-author of the ETERNALBLUE and other MS17-010 Metasploit exploit modules. He was the first to publish a reverse engineering analysis of the DOUBLEPULSAR SMB backdoor. Sean has taught workshops on Windows internals at DEF CON and to government agencies.

Nate Caroe (@The_Naterz) is a Senior Security Analyst at RiskSense. He is one of the initial contributors and lead maintainer of Koadic. He has performed extensive exploration into exploitation and tool automation.

WHAT:

Koadic, a post-exploitation toolkit that leverages the Windows Script Host to provide all the features of a remote access trojan (RAT), was first released by Sean Dillon at DEF CON in 2017. In this Black Hat USA presentation, Sean and Nate will reveal new capabilities added to Koadic since its introduction two years ago, including the ability to extract information and intelligence about a targeted Windows environment, scrape user credentials more efficiently, and better navigate a network. They will also discuss best practices on how to use the tool for discovering and remediating security vulnerabilities in Windows systems to protect them from future attacks.

WHEN:

Thursday, August 8 | 1:00pm-2:20pm | Track: Malware Offense | Session Type: Arsenal

WHERE:

Black Hat USA 2019 | Business Hall (Oceanside), Arsenal Station 10 | Mandalay Bay | Las Vegas

HOW:

To schedule a conversation with Sean Dillon, contact Marc Gendron at marc@mgpr.net or +1 781.237.0341. For more information, visit: https://www.blackhat.com/us-19/arsenal/schedule/index.html#koadic-two-years-of-mischief-14925