BEGIN:VCALENDAR PRODID:-//vBulletin 6//EN VERSION:2.0 CALSCALE:GREGORIAN BEGIN:VEVENT UID:0681d498-5128-458f-851a-a54b045ec1e1 DTSTAMP:20260523T052007Z SUMMARY:Anthony Rose\, Gannon “Dorf” Gebauer\, Vincent "\;Vinnybod& quot\; Rose - Snakes on a Screen: Taming... DESCRIPTION:Title: Anthony Rose\, Gannon “Dorf” Gebauer\, Vincent "Vinn ybod" Rose - Snakes on a Screen: Taming Offensive IronPython Techniques\nS cheduled Date and Time (Pacific Standard): Friday\, August 11\, 2023\, at 0900 PDT\nEventBrite Link: https://www.eventbrite.com/e/anthony-rose-snake s-on-a-screen-taming-offensive-ironpython-techniques-tickets-668372368747? aff=oddtdtcreator\nMax Class Size: 80\n\nAbstract:\nIronPython is a powerf ul and flexible programming language that has been increasingly used by at tackers due to its ability to bypass security controls. This practical wor kshop will explore the inner workings of IronPython and its unique feature s that enable sophisticated offensive techniques. Participants will gain h ands-on experience in developing IronPython payloads that can evade modern security controls and execute malicious code on target systems.\nThe work shop will cover the following topics:\n1. Introduction to IronPython: Basi c syntax and usage of IronPython\, and how it can be used in offensive sce narios.\n2. BYOI and DLR: Bring Your Own Interpreter (BYOI) and Dynamic La nguage Runtime (DLR) concepts and their role in developing offensive paylo ads.\n3. Malware Development with IronPython: Develop sophisticated payloa ds that can bypass modern security controls and execute malicious code on target systems.\n4. Anti-Forensics and Evasion Techniques: Techniques to m ake the payloads more resilient to forensic analysis and detection.\n5. Ad vanced Techniques: Advanced techniques like using IronPython with C# and P owerShell and integrating the payloads with other offensive tools.\nThis w orkshop is designed for offensive security professionals\, red teamers\, p enetration testers\, and anyone interested in exploring the capabilities o f IronPython for offensive purposes. Participants should have a basic unde rstanding of Python and programming concepts. By the end of the workshop\, participants will have a deeper understanding of IronPython and its capab ilities for developing offensive payloads.\n\nSkill Level: Intermediate\nP rerequisites for students: A familiarity with python is preferred\, but no t required.\n\nMaterials or Equipment students will need to bring to parti cipate: Laptop with Windows or other Windows VM\n\nBios:\nAnthony "Coin" R ose\, CISSP\, is the Director of Security Researcher at BC Security\, wher e he specializes in adversary tactic emulation planning\, Red and Blue Tea m operations\, and embedded systems security. He has presented at numerous security conferences\, including Black Hat\, DEF CON\, HackSpaceCon\, Hac kMiami\, and RSA conferences. Anthony is the author of various offensive s ecurity tools\, including Empire and Starkiller\, which he actively develo ps and maintains. He is recognized for his work\, revealing wide-spread vu lnerabilities in Bluetooth devices and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.\n\nGannon “Dorf” Gebauer i s a Security Consultant at BC Security and specializes in threat intellige nce and embedded system testing. He has led teams through the Cyber Patrio t\, a USAF CTF that tests both defense and offensive capabilities. Current ly\, his expertise is focused on building automation tools for range deplo yments. Dorf has taught courses at both\, Blackhat and DEF CON.\n\nVincent "Vinnybod" Rose is the Lead Developer for Empire and Starkiller. He is a software engineer with a decade of expertise in building highly scalable c loud services\, improving developer operations\, and building automation. Recently\, his focus has been on the reliability and stability of the Empi re C2 server in the most recent major update (Empire 5). Vinnybod has pres ented at Black Hat and has taught courses at DEF CON on Red Teaming and Of fensive PowerShell. He currently maintains a cybersecurity blog focused on offensive security at https://www.bc-security.org/blog/.\n\n\n​ URL:https://forum.defcon.org/node/246021 DTSTART:20230811T170000Z DTEND:20230811T210001Z LOCATION:Las Vegas\, NV\, DEF CON 31 END:VEVENT END:VCALENDAR