Paul Spicer
Paul Spicer is a Senior Red Team Consultant based in Mandiant’s UK office. As part of Mandiants APT66, Paul primarily works on red and purple team assessments and adversary simulations. Paul has experience delivering a variety of red team scenarios including external attack, assumed compromise and phishing.
Paul has led and participated on multiple red and purple team style engagements with a variety of high-profile clients based in the public sector, private sector and financial services, including multiple threat intelligence lead CBESTs. Paul's red team experience has covered various different attack services from traditional Active Directory environments, to clients with a cloud-first approach.
Outside of red teams Paul spent time working in a security hardware testing and research laboratory. During this time Paul conducted physical attacks on electronic devices by identifying initial access points via hidden debug interfaces, hardware teardowns and performing signal and RF analysis.
Session
Join as we discuss how to hijack trusted .NET binaries and find the perfect binary for your Red Team engagement.
Specifically, this talk will cover the background on:
- How to build your own .NET hijacking tool to launch malicious DLLs on Windows systems.
- Leveraging VirusTotal to identify the perfect trusted .NET binary for your target environment.