[Workshop Speakers]
Adversary Village at
DEF CON 32

Ryan O'Donnell

Senior Offensive Security Engineer at Microsoft

Ryan O'Donnell is an Offensive Security Engineer at Microsoft. Over the last 13+ years, Ryan has been performing Penetration Tests, Red Team assessments, and Incident Response investigations. Ryan has conducted hands-on workshops at Hack Space Con and Bsides Nova. Ryan has a Masters in Cybersecurity from GMU and the following Certifications: OSCP, OSEP, CRTO, GREM, GCFE, GCIH, CRTO.

Hands-on workshop: Modifying Impacket for Better OpSec

| Aug 9th 2024 | Adversary Village Area | Las Vegas Convention Center.
Adversarial tradecraft

Operational security (OpSec) is a cornerstone in red teaming, necessitating continuous refinement of tools and techniques to avoid detection. This workshop is designed for new red team operators and individuals seeking to enhance their offensive capabilities. It focuses on customizing the Impacket toolset—a collection of Python classes for working with network protocols—to improve OpSec during engagements.
Impacket tools such as wmiexec, smbexec, and secretsdump are staples in the toolkit of any red teamer due to their versatility and power in gaining access and extracting sensitive data from Windows environments. However, their detectability has increased as defensive measures have become more sophisticated. This session proposes modifications to these tools to reduce their footprint and evade modern security defenses.
Participants will explore various customization strategies, including altering network signatures, timing attacks to evade detection, and integrating stealthier authentication methods. Practical exercises will guide attendees through the process of modifying the Impacket scripts, demonstrating how these changes can significantly enhance operational security in simulated environments.

We Engage.


Join Adversary Village Discord Server.

Join Adversary Village official Discord server to connect with our amazing community of adversary simulation experts and offensive security researchers!