The LOLBAS Odyssey: Tracing the Path of Finding Hidden Gems in Executables
Nir Chako - Senior Security Resreacher Pentera | Oddvar Moe - Head of official LOLBAS open source project
About this talk
LOLBAS leverage legitimate binaries and scripts for malicious purposes making them hard to catch. They also happen to be one of the growing trends in cybersecurity attacks and are found in most cyber attack campaigns. Armed with this knowledge, Pentera Labs set out to find new official LOLBAS, increasing the number of known LOLBAS downloaders by 30%.
Follow Pentera researcher Nir Chako’s journey as he traces the path to identifying new LOLBAS executables and functions manually, and then as he writes the automation to find more at scale.
This session will help Red Teamers uncover their own LOLBAS gems, while Blue Teamers can learn how to proactively protect against these new threats.
Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers, unfolding true, current security exposures at any moment, at any scale. Thousands of security professionals and service providers around the world use Pentera to guide remediation and close security gaps before they are exploited. For more info visit: pentera.io.…