BEGIN:VCALENDAR PRODID:-//vBulletin 6//EN VERSION:2.0 CALSCALE:GREGORIAN BEGIN:VEVENT UID:7620342d-fefd-4075-a940-2d75d539aa8a DTSTAMP:20260426T172050Z SUMMARY:Volatile Vault - Data Exfiltration in 2024 : Patrick Eisenschmidt : Moritz Thomas DESCRIPTION:Title: Volatile Vault - Data Exfiltration in 2024\nPresenter: P atrick Eisenschmidt\nCo-Presenter: Moritz Thomas\nLocation: W305\nDay\,Tim e: Fri Aug 9 \, 10AM - 11:45AM\nAudience: Offense\, AppSec\, Defense\nProj ect: https://github.com/molatho/VolatileVault\n\nAbstract:\nIn red team op erations\, selecting the right tools for data exfiltration is critical\, y et comes with obstacles such as triggering Data Exfiltration Prevention (D EP) systems. We present "Volatile Vault" as a solution\, a custom-built pl atform tailored to evade DEP detection. Our tool encrypts the data on the client-side and then provides a modular approach for uploading said data. Some of the currently implemented upload strategies are chunked HTTP uploa ds to multiple domain fronted endpoints (AWS) or QUIC as an alternative pr otocol.\n\nBios:\n* Presenter:\nPatrick has gained extensive experience in the offensive security domain. Currently\, he serves as the Red Team Lead at NVISO ARES (Adversarial Risk Emulation & Simulation). In this role\, h e supervises a team of operators and directs both high-profile Red Team op erations and Tiber/TLPT Assessments. Beyond leadership\, Patrick actively participates in crafting intricate spear phishing campaigns and boosts the Red Team's effectiveness by developing and maintaining open-source method ologies and tools.\n* Co-Presenter:\nMoritz is a senior red team security consultant at NVISO ARES (Adversarial Risk Emulation & Simulation). He foc uses on research & development in red teaming to support\, enhance and ext end the team’s capabilities in red team engagements of all sorts. Before joining the offensive security community\, Moritz worked on a voluntary b asis as a technical malware analyst for a well-known internet forum with f ocus on evading detections and building custom exploits. When he isn’t i nfiltrating networks or exfiltrating data\, he is usually knees deep in re search and development\, dissecting binaries and developing new tools. URL:https://forum.defcon.org/node/249605 DTSTART:20240809T180000Z DTEND:20240809T194501Z LOCATION:W305 END:VEVENT END:VCALENDAR