Rutger Flohil
Rutger Flohil began his career as a .NET developer, building a solid base in software development before switching gears to focus on cybersecurity. After gaining valuable experience in the Security Operations Center (SOC) of the Dutch TLD, he moved on to his current role as a Red Teamer at Dutch Railways (NS). Rutger enjoys the creative side of security, especially when it comes to writing offensive scripts in Python. Always curious and eager to learn, he’s passionate about discovering new techniques and fresh perspectives to tackle security challenges.
Session
Red teaming social engineering campaigns can fail before they even start: as soon as your AiTM infrastructure goes live, automated systems detect you and takedowns start. This hands-on workshop shows how to harden your infrastructure against bots and other prying eyes. We will demonstrate practical techniques to detect and filter automated traffic: using Caddy as a “bot deflector”, applying custom URL path rewriting, and implementing a scoring-based system to hot-swap content in real time. You will also get a behind-the-scenes look at how we manipulate JA4 to reduce detection opportunities and subtly adjust visual elements to evade AiTM detection, along with a discussion of their limitations.
If you come prepared with a virtual machine, by the end of the workshop you will have a local setup to test Evilginx behind Caddy, understand how to dynamically respond to suspected bot traffic, and gain insight into the strategies our team uses to keep red team infrastructures alive long enough to achieve their objectives.