A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


Chunky Cookies: Smashing Application Aware Defenses - (BSides Nashville 2017) (Hacking Illustrated Series InfoSec Tutorial Videos)

Chunky Cookies: Smashing Application Aware Defenses

Russell Butturini

BSides Nashville 2017

In recent years, defensive technologies have moved past the traditional filtering and anomaly detection at Layer 3 and 4, and deep packet and payload inspection have become more prevalent. As penetration testers, it's important to understand how to adapt exfiltration techniques to exploit the limitations next generation firewalls, application aware proxies, URL filters, and data loss prevention packages have. This talk will cover several techniques for building payloads to bypass all of these technologies, from basic file encoding to making and proxying outbound connections as legitimate applications. A completely revamped and extended version of Fireaway, a tool originally designed to bypass next generation firewalls, will be released as part of the talk as well.

Russell Butturini has been in IT and information security for the last 14 years and currently is a member of the penetration testing team at a "Big 5" health insurer. Every once in a while, struck by inspiration between watching horse racing and chasing his 8 year old daughter around, he cobbles together some cool Python code that people seem to like and presents it at various conferences such as DEFCON Derbycon, and various BSides. His tool, NoSQLMap, has been starred 405 times on Github (which is 404 times too many), and was also published in "The Hacker Playbook 2".

Back to BSides Nashville 2017 list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast