This workshop will instruct attendees on how to carry out sophisticated wireless attacks against corporate infrastructure. Attendees will learn how to attack and gain access to WPA2-Enterprise networks, bypass network access controls, and perform replay attacks to gain administrative control over an Active Directory environment. External wireless adapters and preconfigured live USBs will be provided to all workshop attendees, and material learned in the lectures will be practiced within a realistic lab environment.
Areas of focus include:
- Wireless reconnaissance and target identification within a red team
environment
- Attacking and gaining entry to WPA2-EAP wireless networks
- LLMNR/NBT-NS Poisoning
- Firewall and NAC Evasion Using Indirect Wireless Pivots
- MITM and SMB Relay Attacks
- Downgrading modern SSL/TLS implementations using partial HSTS bypasses
Gabriel is a pentester, CTF player, and Offsec R&D.; He currently works for Gotham Digital Science, where he provides full scope red team penetration testing capabilities for a diverse range of clients. Previously he has worked at OGSystems and Rutgers University. He also is a member of the BSides Las Vegas senior staff, coordinating wireless security for the event. Things that make him excited include obscure network protocols, evading IDS systems, and playing with fire. In his spare time, he enjoys live music and riding motorcycles.