Press "Enter" to skip to content

Presentations

DerbyCon 8.0 (10/5/2018)

“The Unintended Risks of Trusting Active Directory”

Slides- https://www.slideshare.net/harmj0y/derbycon-the-unintended-risks-of-trusting-active-directory

Video – https://www.youtube.com/watch?v=-bcWZQCLk_4

 

Sp4rkCon 2.0 (4/7/2018)

“The Unintended Risks of Trusting Active Directory”

Slides- https://www.slideshare.net/harmj0y/the-unintended-risks-of-trusting-active-directory

 

DerbyCon 7.0 (9/22/2017)

“Here Be Dragons: The Unexplored Land of Active Directory ACLs”

Slides – https://www.slideshare.net/AndyRobbins3/here-be-dragons-the-unexplored-land-of-active-directory-acls

Video – https://www.youtube.com/watch?v=z8thoG7gPd0

“An ACE in the Hole: Stealthy Host Persistence via Security Descriptors”

Slides – https://www.slideshare.net/harmj0y/an-ace-in-the-hole-stealthy-host-persistence-via-security-descriptors

Video – https://www.youtube.com/watch?v=ExO535CITXs

 

DEF CON (7/28/2017) – “An ACE Up The Sleeve: Designing Active Directory DACL Backdoors”

Slides – https://www.slideshare.net/harmj0y/ace-up-the-sleeve

 

Black Hat (7/26/2017) – “An ACE Up The Sleeve: Designing Active Directory DACL Backdoors”

Slides – https://www.slideshare.net/harmj0y/ace-up-the-sleeve

Video – https://www.youtube.com/watch?v=ys1LZ1MzIxE

 

Charlotte ISSA Annual Summit (5/18/2017) – Keynote, “Catch Me If You Can: PowerShell Red vs. Blue”

 

PSConfEU (5/3/2017-5/5/2017)

“Catch Me If You Can: PowerShell Red vs. Blue”

Video- https://www.youtube.com/watch?v=Hhpi3Sp4W4k

Slides- https://www.slideshare.net/harmj0y/catch-me-if-you-can-powershell-red-vs-blue

“Defending Your Gold”

Slides- https://www.slideshare.net/harmj0y/defending-your-gold

Interview- https://www.youtube.com/watch?v=wuwAUuIHTM8

 

BSides Nola 2017 (4/1/17) – “A Case Study in Attacking KeePass”

Slides – https://www.slideshare.net/harmj0y/a-case-study-in-attacking-keepass

 

HackCon 2017 (2/15/17) – “Empire – Your best friend to secure your systems”

 

BlueHat Israel

(1/25/17) – “The Travelling Pentester: Diaries of the Shortest Path to Compromise”

Slides- http://www.slideshare.net/harmj0y/the-travelling-pentester-diaries-of-the-shortest-path-to-compromise

 

DerbyCon 6

(9/23/16) – “A Year in the Empire”

Slides – http://www.slideshare.net/harmj0y/a-year-in-the-empire

Video – http://www.irongeek.com/i.php?page=videos/derbycon6/105-a-year-in-the-empire-will-schroeder-matt-nelson

 

(9/24/16) – “Attacking EvilCorp: Anatomy of a Corporate Hack”

Slides – https://adsecurity.org/wp-content/uploads/2015/01/DerbyCon6-2016-AttackingEvilCorp-Anatomy-of-a-Corporate-Hack-Presented.pdf

Video – https://www.youtube.com/watch?v=nJSMJyRNvlM&feature=youtu.be&t=16

 

44CON (9/16/16) – “Trusts You Might Have Missed”

Slides- http://www.slideshare.net/harmj0y/trusts-you-might-have-missed-44con

Video – https://vimeo.com/244556739

 

DEF CON 24 (8/6/16) – “Six Degrees of Domain Admin”

Slides – http://www.slideshare.net/AndyRobbins3/six-degrees-of-domain-admin-bloodhound-at-def-con-24

Video- https://www.youtube.com/watch?v=wP8ZCczC1OU

 

BSides LV (8/3/2016)

“Building an EmPyre with Python”

Slides- http://www.slideshare.net/harmj0y/building-an-empyre-with-python

“Six Degrees of Domain Admin”

Slides – http://www.slideshare.net/AndyRobbins3/six-degrees-of-domain-admin-bloodhound-at-def-con-24

 

BSides Boston (5/21/2016) – “Up is Down, Black is White: Using SCCM for Wrong and Right”

Slides- http://www.slideshare.net/enigma0x3/up-is-down-black-is-white-using-sccm-for-wrong-and-right-62256337

 

PSConfEU (4/20/2016-4/21/2016)

“Building an Empire with PowerShell”

Video- https://www.youtube.com/watch?v=OxHCvKafGhE

Slides- http://www.slideshare.net/harmj0y/psconfeu-building-an-empire-with-powershell

“Offensive Active Directory (With PowerShell!)”

Video- https://www.youtube.com/watch?v=6FrQDXKTRPQ

Slides- http://www.slideshare.net/harmj0y/psconfeu-offensive-active-directory-with-powershell

 

Troopers16 (3/16/2016) – “I Have the Power(View)”

Slides- http://www.slideshare.net/harmj0y/i-have-the-powerview

Video- https://www.youtube.com/watch?v=cXWtu-qalSs

 

SANS Hackfest (11/16/2015) – “Building an Empire with PowerShell”

 

BSides DC (10/17/15) – “Bridging the Gap”

Slides- http://www.slideshare.net/harmj0y/bridging-the-gap-54068050

Video- https://www.youtube.com/watch?v=xHkRhRo3l8o

 

BSides Las Vegas (8/5/15) – “Building an Empire with PowerShell”

Slides- http://www.slideshare.net/harmj0y/building-an-empire-with-powershell

Video- https://www.youtube.com/watch?v=Pq9t59w0mUI

 

CarolinaCon 11 (3/20/15) – “Drilling Deeper With Veil’s PowerTools”

Slides – http://www.slideshare.net/harmj0y/drilling-deeper-with-veils-powertools

Video – https://www.youtube.com/watch?v=VwKqBgWIOpY

 

BSides Austin ’15 (3/13/2015) – “I Hunt Sys Admins 2.0”

Slides – http://www.slideshare.net/harmj0y/i-hunt-sys-admins-20

 

Shmoocon ’15 Firetalks (1/17/2015) – “I Hunt Sys Admins”

Slides – http://www.slideshare.net/harmj0y/i-hunt-sys-admins

Video – https://www.youtube.com/watch?v=yhuXbkY3s0E

 

SANS Hackfest (11/14/2014) – “The State of the Veil-Framework”

Slides- http://www.slideshare.net/VeilFramework/the-state-of-the-veil-framework

 

BSides DC ’14 (10/18/2014) – “Adventures in Asymmetric Warfare: Fighting the AV Vendors”

Slides – http://www.slideshare.net/harmj0y/adventures-in-asymmetric-warfare

Video- https://www.youtube.com/watch?v=AGJR7sT7JFM

 

Derbycon 4.0 (9/26/2014) –  “Passing the Torch: Old School Red Teaming, New School Tactics?”

Slides- http://www.slideshare.net/harmj0y/derbycon-passing-the-torch

Video- https://www.youtube.com/watch?v=rpwrKhgMd7E

 

BSides Augusta ’14 (9/13/2014) – “Adventures in Asymmetric Warfare: Fighting the AV Vendors”

Slides- http://www.slideshare.net/harmj0y/adventures-in-asymmetric-warfare

Video- https://www.youtube.com/watch?v=53qQfCkVM_o

 

Defcon 22 (8/8/2014) – “Veil-Pillage: Post-Exploitation 2.0”

Slides- http://www.slideshare.net/VeilFramework/defcon-veilpillage-37810461

Video – https://www.youtube.com/watch?v=yOC7blJfrJE

 

Blackhat Arsenal ’14 (8/6/2014) – “The Veil-Framework” (turbotalk)

Slides – http://www.slideshare.net/VeilFramework/bh-arsenal-14-the-veilframework

 

Carolinacon X (5/17/14) – “The Veil-Framework”

Sildes- http://www.slideshare.net/VeilFramework/the-veilframework

Video – https://www.youtube.com/watch?v=v4gcZTQpRtU

 

BSidesBoston ’14 (5/10/14) – “Pwnstaller 1.0”

Slides – http://www.slideshare.net/harmj0y/pwnstaller

 

BSidesBoston ’14 firetalk (5/10/14) – “PowerUp: Automating Windows Privilege Escalation”

Slides- http://www.slideshare.net/harmj0y/power-up-34515686

 

BSides Austin ’14 (3/21/14) – “Wielding a Cortana”

Slides- http://www.slideshare.net/harmj0y/wielding-a-cortana

Video – https://www.youtube.com/watch?v=Orn2oQJ7E8k

 

NovaHackers (3/10/14) – “Veil-PowerView: Situational Awareness With Powershell”

Slides – http://www.slideshare.net/VeilFramework/veilpowerview-novahackers

 

Shmooon Epilogue (1/20/14) – “AV Evasion With the Veil Framework”

Slides – http://www.slideshare.net/VeilFramework/av-evasion-with-the-veil-framework-30196828

Video – http://www.youtube.com/watch?v=AKml11-XfTA

 

Shmoocon ’14 (1/18/14) – “AV Evasion With the Veil Framework”

Slides – http://www.slideshare.net/VeilFramework/av-evasion-with-the-veil-framework-30196828

Video – https://archive.org/details/ShmooCon2014_AV_Evasion_With_the_Veil_Framework-2

 

One Comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.