Phishing past Mail Protection Controls using Azure Information Protection (AIP)

DerbyCon 9.0 - Finish Line

Presented by: Hans Lakhan, Oddvar Moe
Date: Friday September 06, 2019
Time: 18:00 - 18:30
Location: Stable Talks

Email filters giving you a hard time when sending those phishes? This talk goes over how to leverage Azure Information Protection to phish in a new way that bypasses protections and frustrates IR. This talks showcases how technology that was designed to encrypt, trackand protect sensitive content can be used for evil purposes as well. What is AIP? How do I start using it? How does it work? Am I missing out? Can I get a lot of shellz? These and many other questions will be answered during this talk that you don't want to miss if you are constantly having a hard time getting those phishes into organizations.

Oddvar Moe

Oddvar Moe is a Red teamer, Microsoft MVP, Security Researcher, blogger, trainer, speaker and works at TrustedSec as a Senior Security Consultant. Mostly known for his work around AppLocker bypasses, LOLBins/LOLBAS and persistence techniques.

Hans Lakhan

Hans Lahkan controls multiple AI systems that leverage software defined synergies to cloud hyper converge bios. Thru many years of experience Hans has created a neural network with ML that can output biographies. Hans once neglected his machine slaves for a 48hr DnD marathon. Hans doesn’t love me… 000001010100001001 Aismov override.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats