BSidesLuxembourg 2026

Infostealer Emulation: Validating Detection of Credential Theft
2026-05-07 , C1.05.12: Workshops and Stage (lift to level 5 room #12)

Infostealers silently harvest credentials, cookies, and sensitive data. This session demonstrates how to emulate infostealer behavior (browser data theft, keylogging, clipboard monitoring, credential dumping) to validate whether your endpoint controls, DLP, and network monitoring would detect the theft and exfiltration. Learn to test your defenses against one of the most prevalent and damaging threat categories.


Outline:

Introduction: The Infostealer Epidemic
Infostealer TTPs (8 min)
Browser data, keylogging, clipboard, LSASS
DEMO: Browser Credential Theft Emulation (12 min)
DEMO: Keylogger Simulation (8 min)
DEMO: Credential Dumping (LSASS Access) (10 min)
DLP & Network Monitoring Validation (7 min)
Q&A (5 min)

I’ve been working as Head of Technical Advocacy at SCYTHE, Founder & Investor at Cross Intelligence, BSides Porto Organizer, Red Team Village Director (DEF CON), Senior Advisor Raices Cyber Academy, Founder of Red Team Community (Brazil and LATAM), AWS Community Builder, Snyk Ambassador, Application Security Specialist and Hacking is NOT a crime Advocate. International Speaker at Security and New technologies events in many countries such as US (Black Hat & Defcon), Canada, France, Spain, Germany, Poland, Black Hat MEA - Middle-East - and others. I’ve served as University Professor in Master Degree in Portugal, Graduation and MBA courses at Brazilian colleges. In addition, I'm Creator and Instructor of the Course - Malware Attack Types with Kill Chain Methodology (PentestMagazine), PowerShell and Windows for Red Teamers (PentestMagazine) and Malware Analysis - Fundamentals (HackerSec).
