2025-10-24, Europe
In this session, I will explore innovative techniques that transform the way executable binaries are delivered. By leveraging HTML smuggling and image polyglot methodologies, the presentation reveals how payloads can be compressed, XOR-encrypted, and artfully embedded within benign image files. This approach not only bypasses conventional security mechanisms such as IDS/IPS, XDR, and DLP systems but also challenges traditional notions of digital content integrity. The talk offers a deep dive into advanced red team tactics designed to operate beneath the radar of modern cybersecurity defenses.
"THAT PICTURE IS A LIE: SMUGGLING BINARIES WITH STYLE" provides a comprehensive overview of a sophisticated payload delivery process that repurposes everyday image files into covert carriers of executable binaries. Attendees will be guided through the multi-stage transformation process—starting with the compression of binaries into 7z/zip archives, followed by XOR encryption, and culminating in the embedding within PNG and GIF files using HTML smuggling techniques. This session is crafted for experienced cybersecurity professionals, particularly those involved in red team operations and offensive security. Through live demonstrations and real-world case studies, I will illustrate how these methods can be deployed to evade detection, offering insights into both the offensive potential and the defensive challenges posed by such innovative tactics.
Harpreet (Harry) is a seasoned cybersecurity expert with over a decade of dedicated service in Ethical Hacking, Penetration Testing, Vulnerability Research, and Red Teaming. As the esteemed author of Infrastructure Attacks for Ethical Hacking, Hands On: Web Penetration Testing with Metasploit, and Hands On: Red Team Tactics, Harry has built a reputation as a thought leader in the cybersecurity community. His extensive field experience is complemented by prestigious certifications, including Offensive Security Exploit Developer (OSED), Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), and Certified Red Team Operator (CRTO). Harry has shared his profound insights and innovative strategies at notable international conferences such as Pass-The-Salt (2021) and Vulncon 2024.