2.0 -//Pentabarf//Schedule//EN PUBLISH EEJXWT@@pretalx.com -EEJXWT Opening en en 20260604T091500 20260604T093000 001500 Opening PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/EEJXWT/ Track 1 OrangeCon Orga PUBLISH W9KQAT@@pretalx.com -W9KQAT KEYNOTE: Games With Frontiers en en 20260604T093000 20260604T100000 003000 KEYNOTE: Games With Frontiers PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/W9KQAT/ Track 1 Meredith L. Patterson PUBLISH XC3SJF@@pretalx.com -XC3SJF BLESPlo.it the world! Introducing a new portable "swiss army knife" BLE security tool en en 20260604T100500 20260604T103500 003000 BLESPlo.it the world! Introducing a new portable "swiss army knife" BLE security tool PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/XC3SJF/ Track 1 Slawomir Jasek PUBLISH HLHUPG@@pretalx.com -HLHUPG Bypassing the Evasion Barrier: Detecting Malleable C2 When Traditional Defenses Fail en en 20260604T104000 20260604T111000 003000 Bypassing the Evasion Barrier: Detecting Malleable C2 When Traditional Defenses Fail Objectives Understand malleable C2 and why signature-based detection can't accurately detect it Learn a set of novel signals that can be used to detect malleable C2 (robotic, repeated, anomalous, and fingerprint-based) Show how you can build a robust detector with these signals Background Demo CobaltStrike and other malleable c2 frameworks operate Demo why detecting them is hard Building a modern detection system Our approach to collecting data and focusing detection efforts Examples of core signals Architecture - how we combined anomaly detection with these signals Efficacy Testing How we configured a lab environment to generate and test 20k+ configs for 7 different C2 tools How we measured success Case Studies We have been running this in production > 6 months now (and will be even longer at conference time) so we have updated stats on false positives and new case studies for beacons we have successfully detected PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/HLHUPG/ Track 1 Raymond Canzanese PUBLISH PCJQQQ@@pretalx.com -PCJQQQ Top 5 Weaknesses Of Technical Experts Exploited By The Crisis Manager en en 20260604T112000 20260604T115000 003000 Top 5 Weaknesses Of Technical Experts Exploited By The Crisis Manager PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/PCJQQQ/ Track 1 Lisa de Wilde PUBLISH LVTFE9@@pretalx.com -LVTFE9 Age of Post-Exploitation en en 20260604T115500 20260604T122500 003000 Age of Post-Exploitation This presentation explores the evolution of post-exploitation within Command & Control (C2) frameworks, tracing its roots from early interactive shells to today's modular, in-memory, and operator-driven tradecraft. We examine how advances in Anti-Virus and later Endpoint Detection and Response (EDR) solutions as well as Red the Teaming industry shaped Command and Control frameworks and Post-Exploitation capabilities. We'll dive into today's state-of-the-art post-exploitation capabilities. We close by unveiling where this tradecraft is heading next. Whether you are a red teamer, offensive developer, or blue team practitioner, this session offers strategic, technical and understandable insight of where the Post-Exploitation field currently is and where it is going. PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/LVTFE9/ Track 1 Dima Pieter Ceelen PUBLISH S9DBTD@@pretalx.com -S9DBTD Hacking Big Iron With AI: Attacking Mainframe Operating Systems Beyond Modern Assumptions en en 20260604T130500 20260604T133500 003000 Hacking Big Iron With AI: Attacking Mainframe Operating Systems Beyond Modern Assumptions Mainframes are not legacy systems in the way the industry uses that word. They are actively maintained, actively targeted, and actively misunderstood. The security gap exists not because the systems are old but because the mental models used to assess them are wrong. This talk addresses that gap directly. **The Technical Problem** Modern offensive security methodology is built around a set of assumptions that do not hold on z/OS: that privilege is binary and anchored to a user account, that lateral movement happens through network services, that execution is interactive and session-bound, and that a process tree or endpoint agent will surface attacker behavior. None of these are true on a mainframe. z/OS organizes authority across five subsystems, each with a distinct security boundary. VTAM controls session establishment and terminal binding. TSO binds interactive identity and provides the context under which all commands, dataset access, and job submissions are authorized. RACF enforces access continuously, per resource, before execution. JES queues and schedules deferred work, executing it later under the identity of the submitter, outside any interactive session. CICS controls transaction execution and enforces authorization at the transaction level, not the program level. An attacker who understands these boundaries can move through them without triggering any of the detection mechanisms a modern SOC relies on. An attacker who does not understand them will misread what they see, take actions with unintended consequences, and likely miss the actual exposure entirely. **The Techniques** The talk covers four concrete attack paths, each demonstrated against a live MVS 3.8j environment running on Hercules: TN3270 user enumeration exploits differential response behavior at the VTAM logon screen. Valid userids produce a password prompt. Invalid userids produce an immediate rejection. This is consistent across implementations and requires no authentication. It is the standard first step in any mainframe assessment and is supported by existing Nmap scripting engine scripts. STEPLIB hijacking exploits the mainframe program library search order. When a user submits a job with a STEPLIB DD statement pointing to a dataset they control, MVS searches that library first before system libraries. If an attacker has UPDATE access to any dataset that appears in the STEPLIB concatenation of a higher-privileged job, they can replace a load module and have it execute under the job's authority. No vulnerability is exploited. RACF does not prevent it. No alert fires by default. SMF records the execution but nobody is watching. This is a direct analog to DLL hijacking or LD_PRELOAD injection and represents a supply chain attack against the batch execution environment. JCL injection for deferred privileged execution covers the case where an attacker can influence the JCL stream of a job that runs under a more privileged identity. Because JES executes work later under the submitter's RACF context, and because that context persists after the interactive session ends, an attacker can submit work, log off, and have privileged code execute minutes or hours later with no active session to detect. This breaks every assumption about session-based detection. RACF misconfiguration paths cover the most common findings in real assessments: overbroad dataset profiles using high-level qualifier wildcards, excessive group authority granted through organic entitlement growth, SURROGAT class entries that allow job submission under another user's identity, and APF library dataset permissions that allow non-privileged users to introduce authorized code. Each of these is a configuration failure, not a vulnerability, and none of them produce alerts in a default SMF configuration. **The Tool** BigIron.ai is an open-source, fully offline AI-assisted assessment platform built specifically for z/OS and MVS environments. It is not a scanner. It is a reasoning layer that sits between the assessor and the TN3270 terminal. The platform runs a local language model via Ollama against live TN3270 session output. When the assessor captures a screen, the LLM identifies the active control plane, interprets the identity context, flags assumptions that may be wrong, and provides guidance on what to do next. It does not connect to any external service. No screen content, no credentials, no assessment data leaves the machine. Beyond the AI layer, the platform includes thirteen scripted autonomous walkthroughs across all five control planes, a findings engine that maps results to a repeatable F1 through F5 assessment framework, a TN3270 network scanner for mainframe discovery, a RAG knowledge base ingesting IBM Redbooks and ABEND reference material, and a red team tutor with structured labs and engagement checklists. The demo environment runs MVS 3.8j Turnkey on Hercules. This is appropriate for demonstrating control-plane mechanics, VTAM session behavior, TSO identity binding, JES submission and spool, and dataset access patterns. Where z/OS behavior differs meaningfully, those differences are noted explicitly. **The Audience** The talk is designed for offensive security practitioners who have encountered mainframes in scope and had no framework for assessing them, defensive practitioners who are responsible for mainframe environments but have no visibility into what an attacker would actually do, and security engineers building detection or assessment programs who need an accurate model of how the system works before they can reason about what to monitor. No mainframe background is assumed. The talk builds the required mental model from first principles, using analogies to concepts the audience already knows, then applies that model to concrete attack paths and a live tool demonstration. **What Attendees Leave With** A correct mental model of mainframe authority and execution that replaces the cloud and Linux assumptions most practitioners carry in. A repeatable assessment methodology structured around control planes rather than hosts and services. Familiarity with four concrete attack techniques that have been observed in production assessments. Access to an open-source tool they can run immediately against any MVS or z/OS environment. PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/S9DBTD/ Track 1 Adam Toscher PUBLISH XUJ7WR@@pretalx.com -XUJ7WR Protecting the Water Horizon: Kill Chain Simulation and Detection in Water OT Infrastructure en en 20260604T134000 20260604T141000 003000 Protecting the Water Horizon: Kill Chain Simulation and Detection in Water OT Infrastructure PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/XUJ7WR/ Track 1 Aneta Urban Maarten de Kruijf PUBLISH DRB99V@@pretalx.com -DRB99V Remind Me Later: The Inconvenient Truths of Cybersecurity en en 20260604T141500 20260604T144500 003000 Remind Me Later: The Inconvenient Truths of Cybersecurity Opening — Why people prefer comfortable lies over uncomfortable truths, and what that means for security culture Truth 1: Security itself is an inconvenience — The human behaviour gap; why awareness campaigns alone don't move the needle Truth 2: The benefits of security are invisible — The problem of preventative value; how to make the invisible visible to leadership Truth 3: There are no new threats, only new dimensions — Ransomware from 1989 to today; how GenAI adds scale and capability rather than entirely new attack categories Truth 4: Some dimensions genuinely change the game — Voice cloning and digital twins threatening biometric authentication; real-time deepfake fraud; the KnowBe4/North Korea infiltration case Truth 5: Refusing to act creates compounding risk — The Snowflake 2024 breach as a case study in avoidable failure; MFA and credential hygiene basics we keep skipping Truth 6: The quantum clock is ticking — Why the post-quantum cryptography transition can't wait; the narrowing window for crypto agility Truth 7: We don't control our entire environment — IoT, supply chain, geopolitics, and the limits of what any single organisation can secure Closing — Turning the question back to the room: what inconvenient truth are you missing? PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/DRB99V/ Track 1 NS van der Meulen PUBLISH CJELAM@@pretalx.com -CJELAM Breaching The Perimeter: The Forgotten Attack Vector That Always Works en en 20260604T145000 20260604T152000 003000 Breaching The Perimeter: The Forgotten Attack Vector That Always Works Everyone talks about bypassing EDR. Almost nobody talks about bypassing the door that renders EDR useless. This session is a practitioner-led breakdown of how attackers compromise organisations by gaining physical entry. First we will introduce you to our real-world server room door. Then we present nine distinct, field-tested techniques that allow entry into such critical areas—each of which we have used during real red team engagements. Identifying such vulnerabilities efficiently is one of the key tenets of door assessment that gets repeated on every job! Once inside, the path to full compromise is trivial: console access, hidden camera or microphones, network implants, stolen documents. We show how these attacks actually unfold in the real world, including how small, “acceptable” deviations from policy accumulate into systemic failure. These are not edge cases—they are repeatable patterns. Finally, we introduce the role of AI in physical intrusions. Attackers are already using automated OSINT to profile targets at scale and deepfake voice technology to impersonate trusted personnel, lowering the barrier to successful pretexting. This talk focuses on what works, why it works, and why most organisations are not prepared for it. PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/CJELAM/ Track 1 Jiri Vanek tatramaco PUBLISH XUZNQQ@@pretalx.com -XUZNQQ Bad Box 2 en en 20260604T153500 20260604T160500 003000 Bad Box 2 PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/XUZNQQ/ Track 1 Gavin Reid PUBLISH XQHKDH@@pretalx.com -XQHKDH We Looked at Mendix. You Probably Should Too. en en 20260604T161000 20260604T164000 003000 We Looked at Mendix. You Probably Should Too. PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/XQHKDH/ Track 1 OverflowMyBuffers Stan PUBLISH V83BSK@@pretalx.com -V83BSK LOCKNOTE: Signal and the Platformization of Surveillance en en 20260604T164500 20260604T171500 003000 LOCKNOTE: Signal and the Platformization of Surveillance PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/V83BSK/ Track 1 Udbhav PUBLISH TECKL8@@pretalx.com -TECKL8 Closing en en 20260604T171500 20260604T173000 001500 Closing PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/TECKL8/ Track 1 OrangeCon Orga PUBLISH ZKVM3A@@pretalx.com -ZKVM3A The Gift That Keeps On Giving: Bypassing Authentication Reflection Mitigations For SYSTEM Shells en en 20260604T100500 20260604T103500 003000 The Gift That Keeps On Giving: Bypassing Authentication Reflection Mitigations For SYSTEM Shells # Presentation Outline ## Brief Outline 1. Introduction, context and methodology 2. 1st case study: LPE via NTLM reflection 3. 2nd case study: RCE via Kerberos reflection 3a. RCE in the local subnet 3b. General RCE 3c. Unintentional patch analysis, bypass attempts fails and LPE 4. Patches analysis 5. Conclusion and thoughts on the current state of authentication reflection attacks ## Detailed Outline ### Introduction, context and methodology In the introduction, we will present the context of the research: briefly remind the details of CVE-2025-33073 and why the patch seemed insufficient. After that, we will present all the possible avenues for bypasses and derive a generic and methodological approach that will efficiently guide our tests. ### 1st case study: LPE via NTLM reflection We will quickly put our methodology to the test by disclosing the first vulnerability that we identified: a trivial elevation of privilege via NTLM reflection. This vulnerability exploits a specific feature that was recently added to Windows 11 and Windows Server 2025. ### 2nd case study: RCE via Kerberos reflection #### RCE in the local subnet This section will explain how the Kerberos-related research began when one of our colleagues tried to use MitM via DHCPv6 poisoning to perform Kerberos reflection. Although it failed, it piqued our interest and motivated us to dig a bit further. We will describe why the attack did not work because of two main reasons. Afterwards, we will explain how we modified the attack to make it work, by keeping the DNS control primitive and using a surprising SPN and DNS trick to receive a Kerberos authentication and relay it back to the machine to compromise it. #### General RCE Next, we will present how the previous subnet-only primitive was improved to make it work on any machine of the network, thus achieving a full bypass of CVE-2025-33073. #### Unintentional patch analysis, bypass fails and LPE Finally, the last subsection will explain how this RCE was short-lived because of the patch of another vulnerability. We will dive into the patch and apply our methodology to try to find bypasses. We will describe how we failed to get an RCE vector again, but also how we managed to successfully transform the attack into a privilege escalation vulnerability ### Patches analysis This section will describe the official patches made by Microsoft, we will explain what they do and how they fixed the vulnerabilities. NB: As the vulnerabilities are still in the process of being fixed, no information about the patches is currently known. ### Conclusion and thoughts on the current state of authentication reflection attacks To conclude, we will give our opinion on the current state of authentication reflection attacks and explain why authentication relay mitigations are essential to efficiently secure a Windows environment. This conclusion will also be a doorway to potentially apply the novel techniques described during the presentation to other Windows components, not related to authentication reflection attacks. PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/ZKVM3A/ Track 2 Guillaume André PUBLISH AAYAZP@@pretalx.com -AAYAZP Strange Inputs, Critical outputs: Attacking Infrastructure Through Innocuous Network Protocol Fields en en 20260604T104000 20260604T111000 003000 Strange Inputs, Critical outputs: Attacking Infrastructure Through Innocuous Network Protocol Fields PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/AAYAZP/ Track 2 Sasha Romijn PUBLISH 7A8GNZ@@pretalx.com -7A8GNZ 0days on a Shoestring: Breaking Embedded Systems with LLMs and Junk Hardware en en 20260604T112000 20260604T115000 003000 0days on a Shoestring: Breaking Embedded Systems with LLMs and Junk Hardware PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/7A8GNZ/ Track 2 Peter Geissler PUBLISH CEZHG9@@pretalx.com -CEZHG9 Bars of Shame - How Carriers Got Pwned, And What's Coming For The Rest of Us en en 20260604T115500 20260604T122500 003000 Bars of Shame - How Carriers Got Pwned, And What's Coming For The Rest of Us Talk Outline **Opening** We start not with a vulnerability, but with a phishing email. This talk is about what happens after that and why the outcome in a telecom environment is categorically different from any other sector. --- **Context** A brief look at Odido, the breach, and what ShinyHunters actually walked away with. Not just names and numbers a structured subscriber dataset that functions as an identity bridge into downstream systems. --- **The data problem** We break down what a carrier CRM record actually contains: MSISDN, device identifiers, service profiles, account history. Each field is a capability. Together they form an attack primitive most threat actors outside telecom don't fully appreciate yet. --- **The attacker's playbook** The core of the talk. Five concrete paths from CRM access to real-world impact: SIM swap operations, SS7 and Diameter abuse using subscriber context, precision social engineering at carrier fidelity, cross-dataset identity correlation, and roaming and interconnect fraud. --- **The structural gap** The BSS is hardened. The CRM sitting in front of it is staffed by people who answer phones. We examine why the business edge is the softest point in the telco stack and why it is being systematically underestimated. --- **Detection (what should have fired)** A walkthrough of the behavioral signals that were available: new device, abnormal hours, bulk queries, role-inconsistent access patterns. Why they didn't translate into an alert. --- **Closing** Not a lesson specific to Odido. Every carrier runs a CRM. Every CRM has a helpdesk. This talk ends with what that means for the rest of us. PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/CEZHG9/ Track 2 Ali Abdollahi PUBLISH WFEZDZ@@pretalx.com -WFEZDZ Pwning a Million Point Of Sale Terminals In One Afternoon (Without Expert Knowledge) en en 20260604T130500 20260604T133500 003000 Pwning a Million Point Of Sale Terminals In One Afternoon (Without Expert Knowledge) This talk covers the entire timeline of this discovery, including: - The events that led up to the discovery. - The very simplistic breakdown of the vulnerability itself. - The scope of the access gained (spoiler: it is BAD) - Issues which first timers face with responsible reporting of severe bugs. - The responses from vendors and their (incomplete) fixes. - Why simple issues like these will become more prevalent with current industry shifts. PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/WFEZDZ/ Track 2 Marcel Darmeveil PUBLISH SRFFRQ@@pretalx.com -SRFFRQ Successfully Failing As a Reverse Engineer en en 20260604T134000 20260604T141000 003000 Successfully Failing As a Reverse Engineer About 9 years ago I started reverse engineering malware, and by now I dare say I have a decent understanding of the analysis process. This did not come to me overnight (though part of it comes from many all-nighters). During my journey, I made a lot of mistakes. Some of them are due to me not understanding the intricate nitty gritty details of a specific type of binary, and some of them because I lacked a fundamental understanding of whatever I attempted to do at the time. In this talk, I will dive into several rabbit holes that I dove into over time. Some of those were a mistake from the get-go, although that was unbeknownst to me at the time, and some of them were only visible as such once I understood it all. But the overarching theme is the same: I learned a lot from those mistakes, maybe even more so than some of the successes I had. PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/SRFFRQ/ Track 2 Max 'Libra' Kersten PUBLISH 89W7TB@@pretalx.com -89W7TB The Best Defense Is A Good Offense: A Pragmatic Path to Continuous Purple Teaming en en 20260604T141500 20260604T144500 003000 The Best Defense Is A Good Offense: A Pragmatic Path to Continuous Purple Teaming Manual security assessments provides great insights, but they are labour-intensive and the results are often short-lived. Once an exercise ends, it is difficult to know if those same defenses still hold up after a few months of infrastructure changes or when an attacker slightly tweaks their tradecraft. This talk focuses on turning these one-off exercises into a repeatable process, where automated attack simulations act as a constant regression test for your detection stack. We will go through the mechanics of a mature CPT program using a feedback loop focused on automated simulation, measurement, and prioritization. A key part of this involves applying the Pyramid of Pain to offensive simulations: We will discuss why simulating the execution of a specific tool is often a dead end for defenders, and why focusing on the underlying procedure is much more effective. For example, we will look at how simulating the specific sequence of API calls used in process injection leads to detections that are far harder for an attacker to evade than a simple file hash or tool-based detection. Finally, we will bring these concepts together into a pragmatic framework that continuously connects red and blue team efforts. We will discuss how to use simulation data to identify which defensive gaps are the most critical to fix first based on real-world implementation. This session will provide the design patterns and logic needed to start building a continuous purple teaming program in your own environment. PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/89W7TB/ Track 2 Cas van Cooten PUBLISH XGZYKB@@pretalx.com -XGZYKB How to Prompt for Vulnerabilities in LLM-based applications with Extensions, the ProViLE approach. en en 20260604T145000 20260604T152000 003000 How to Prompt for Vulnerabilities in LLM-based applications with Extensions, the ProViLE approach. Outline: During the talk, we will cover several parts of the paper and tool. Both are publicly available, and the tool is open source. With the talk, we hope to give the listeners more insight on how to make a better indication of the risks an LLM may introduce in their applications. We aim to make the talk interesting for both beginners and more experienced cyber specialists in the LLM area. The following (sub)points will be discussed during the talk - Why LLM Security Is a Growing Concern - LLMs are widely adopted, meaning that many modern applications now include LLM in a way. - LLMs are still relatively new and therefore lack mature pentesting practices. - Specific attacks, such as prompt-based attacks, are often successful. - Why Prompt Based Attacks Actually Work - LLMs are trained to fulfil the users’ requests. This instruction can intervene with given security guidelines. - Some other guardrails, such as in- and output filters, can be bypassed. - Challenges in Testing LLM Applications - Traditional vs ‘LLM Pentesting’ - Hallucinations - LLMs are non-deterministic, making it harder to find vulnerabilities. - Introducing ProViLE: Goals and Approach - 4-step approach to facilitate Prompt Based Testing for LLMs. - How to systematically find vulnerabilities in LLM based applications. - The Four Step Framework - (1) Defining attack objectives - (2) Identifying relevant attack techniques - (3) Prompting the LLM - (4) Evaluate the response - How the PRoViLE Tool Automates Prompt Generation & Evaluation - Use of attacker and judge LLM. - Structured attacker and judge prompt templates. - Single shot vs multi shot prompting. - Demo Run - Small live demonstration of ProViLE on an LLM-based application. - How Teams Can Start Using ProViLE Today - Open source tooling - Code is on GitHub, paper/flyer can be used as a ‘deep dive’ into LLM application testing. - Limitations & Future Enhancements - Currently focussed on LLMs with Extensions, such as RAGs. - Future enhancements may include AI Agent support and agentic support. - We aim to build an active open-source community, hoping to support the broader development of secure LLM-based systems. - Conclusion & Takeaways - Pentesting LLM-based applications is fundamentally different than traditional pentesting. - Pentesting your LLM application is important and should not be underestimated / seen as an afterthought. - The ProViLE approach and tooling enable structured identification of vulnerabilities that are specific to the context in which an LLM-based application is deployed. PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/XGZYKB/ Track 2 Rajeck Massa PUBLISH DC8NPV@@pretalx.com -DC8NPV ClickFix: The Gift That Keeps On Giving en en 20260604T153500 20260604T160500 003000 ClickFix: The Gift That Keeps On Giving PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/DC8NPV/ Track 2 Bert-Jan PUBLISH FZQTVC@@pretalx.com -FZQTVC Abusing ASP.NET Trust Levels For Covert C2 Communications Channels en en 20260604T161000 20260604T164000 003000 Abusing ASP.NET Trust Levels For Covert C2 Communications Channels **1. The IIS Trust Level Landscape (5 min)** A quick primer on ASP.NET Code Access Security trust levels (Full, High, Medium, Low, Minimal), how they are configured via `web.config`, and why they still matter in 2026 considering the majority of enterprise IIS deployments run .NET Framework 4.x. We go beyond documentation summaries and walk through the real XML policy files (`web_hightrust.config`, `web_mediumtrust.config`). We present the complete permission maps for High and Medium trust, highlighting the critical gap: `SecurityPermission(UnmanagedCode)` is denied, but almost everything else — file I/O, networking, SQL, DNS is granted. A technical explanation of why `Process.Start` is fundamentally blocked below Full Trust (it P/Invokes `CreateProcess` via `kernel32.dll`), why `Assembly.Load(byte[])` does not provide a trust escalation path (loaded assemblies inherit the caller's sandbox), and why named pipes are also a dead end. **2. Phantom IIS reflective loader via ASP (10 min)** A introduction about phantom loader to reflectivly load unmanaged DLL with full trust mode and showcase insights and demonstrate a use case for a lateral movement. This is based on the released research https://github.com/zux0x3a/Phantom/blob/main/When%20IIS%20platform%20becomes%20an%20execution%20platform.pdf **3. Multi C2 channels covert communications over varient trust level (15 min)** The core of the talk. We demonstrate each channel with architecture diagrams and live examples: - **T1: TCP Channel** — `TcpClient` connect-back with managed task execution - **T2: HTTP Beacon** — `WebClient`-based polling C2 that blends with legitimate IIS traffic - **T3: SQL Dead Drop** — Using the application's own database as a covert task queue (High + Medium Trust) - **T4: SMTP Exfiltration** — Email-based data exfil through internal relays - **T5: DNS Exfiltration** — Subdomain-encoded data exfil via `Dns.GetHostEntry` **5. Detection and Defence Guidance (5 min)** Red Teaming operational and actions blue teaming takeaway. PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/FZQTVC/ Track 2 Lawrence Amer PUBLISH VRWAVC@@pretalx.com -VRWAVC Second Flash: Long Live the OrangeCon Badge! en en 20260604T112000 20260604T122000 010000 Second Flash: Long Live the OrangeCon Badge! PUBLIC CONFIRMED Workshop https://pretalx.com/orangecon-2026/talk/VRWAVC/ Workshops 3 Slawomir Jasek PUBLISH JFX7AY@@pretalx.com -JFX7AY Password Analysis - The forgotten step (with a dash of AI) en en 20260604T130500 20260604T143500 013000 Password Analysis - The forgotten step (with a dash of AI) PUBLIC CONFIRMED Workshop https://pretalx.com/orangecon-2026/talk/JFX7AY/ Workshops 3 Niels Loozekoot PUBLISH YLUTXV@@pretalx.com -YLUTXV Protecting Your AiTM Infrastructure From Nosy Bots en en 20260604T145500 20260604T162500 013000 Protecting Your AiTM Infrastructure From Nosy Bots # Description Red teaming can be challenging, especially when simulating realistic social engineering attacks. You build an entire infrastructure carefully crafted to lure in your potential targets. Then, the moment it goes live, it's quickly discovered and taken down. All your hard work, gone in mere hours. But not to worry! In this workshop, we will shed some light on how you can protect your AiTM infrastructure from prying eyes. We'll share techniques to detect automated bots and safeguard your systems. You'll learn how we manipulate JA4 to limit detection possibilities and how we hot-swap content based on a scoring system. Finally, we will discuss some techniques we use to modify visual elements to outsmart detection of AiTM attacks. This workshop provides a behind-the-scenes look at how our team successfully confronted these automated threats. Want to see what the bots couldn’t? Join and follow our hands-on workshop! ## Necessary tools To be part of this workshop, it is necessary to have a laptop with you that already has a working VirtualBox/VMware installation with the latest Ubuntu LTS on your machine. ## What you will learn By the end, you will have a local setup that you can use to test Evilginx locally, with Caddy in front as our bot deflector and url path rewriter. We will be able to hot-swap data based on the scoring system. We will touch on the subject of JA4 manipulation, but this will not be part of the hands-on session. PUBLIC CONFIRMED Workshop https://pretalx.com/orangecon-2026/talk/YLUTXV/ Workshops 3 Bob van der staak Rutger Flohil PUBLISH VYNDZC@@pretalx.com -VYNDZC Fuzzing Workshop en en 20260604T112000 20260604T122000 010000 Fuzzing Workshop PUBLIC CONFIRMED Workshop https://pretalx.com/orangecon-2026/talk/VYNDZC/ Workshops 4 Marc "vanHauser" Heuse PUBLISH YGLYSV@@pretalx.com -YGLYSV The Power of The Paper Airplane en en 20260604T130500 20260604T143000 012500 The Power of The Paper Airplane PUBLIC CONFIRMED Workshop https://pretalx.com/orangecon-2026/talk/YGLYSV/ Workshops 4 Gus Posey PUBLISH KLGPZC@@pretalx.com -KLGPZC How to use Frida if developers are working against you. en en 20260604T143500 20260604T153500 010000 How to use Frida if developers are working against you. Audience: Intermediate to advanced mobile security testers, reverse engineers, and red teamers Prerequisites: Basic familiarity with Android internals, dynamic analysis, and Frida is recommended but not strictly required. Takeaways: Practical bypass techniques, and a structured approach to analyzing hardened mobile apps PUBLIC CONFIRMED Workshop https://pretalx.com/orangecon-2026/talk/KLGPZC/ Workshops 4 René Bisperink PUBLISH ZTJRDS@@pretalx.com -ZTJRDS 2 Cops 2 Broadcasting: TETRA End-To-End Under Scrutiny (Talk) en en 20260604T154000 20260604T164000 010000 2 Cops 2 Broadcasting: TETRA End-To-End Under Scrutiny (Talk) PUBLIC CONFIRMED Talk https://pretalx.com/orangecon-2026/talk/ZTJRDS/ Workshops 4 Jos Wetzels Wouter Bokslag