2025-06-21, Track 1 (UC Conf. Rm. A) (2nd Floor)
The presentation will discuss the Misconfiguration Manager project's attack techniques for both offensive and defensive audiences. Additionally, it will discuss detection and evasion techniques in a "Red vs Blue" style format.
For this presentation, I will discuss the additional detection guidance published by the project (link to project: https://github.com/subat0mik/Misconfiguration-Manager/tree/main/defense-techniques/DETECT). I will discuss the applicable attack paths, detection telemetry, and any additional detective strategies I've developed to give defenders the upper hand when identifying Configuration Manager abuse. I will then present detections and evasions related to these attack techniques in a "Red vs Blue" style comparison.
Josh Prager has over 13 years’ experience focusing on DoD red team infrastructure, cyber threat emulation, and threat hunting. As a former threat hunter in the Federal industry, he provided various cyber threat emulation and threat hunting assessments throughout DoD environments. As a principal consultant at SpecterOps, he guides clients in developing the maturity of their detection and response programs, building their detection engineering capabilities, and ensuring detective and preventive coverage of offensive techniques.