2024-10-25 –, Europe - Main Room
We will demonstrate how to Backdooring Powershell using Phantom DLL Hijacking.
This technique requires local administrator or system privileges to exploit, but it could be enticing for threat actors or red teams as it allows the loading of malicious code from a trusted process and a signed binary.
Tristan is a dedicated and motivated professional committed to delivering positive results and fostering continuous improvement in his work. Over the years, he has accumulated extensive experience in both Offensive (Red Teaming, Penetration Testing, Vulnerability Research) and Defensive Security (Threat Hunting, Incident Response, Digital Forensics, Malware Reverse Engineering), as well as systems and networks. Additionally, Tristan finds fulfillment in sharing his knowledge through Cyber Security Training, recognizing the value of collaboration and ongoing learning in this dynamic field.