2026-06-04 –, Track 1
Achieving initial access is only the beginning. To achieve your goals in an advanced Red Team operation, you'll need to use post-exploitation tradecraft to move forward. From situational awareness, persistency, to privilege escalation and lateral movement, post-exploitation tooling defines an operator's ability to turn a foothold into a successful operation.
This presentation explores the evolution of post-exploitation within Command & Control (C2) frameworks, tracing its roots from early interactive shells to today's modular, in-memory, and operator-driven tradecraft. We examine how advances in Anti-Virus and later Endpoint Detection and Response (EDR) solutions as well as Red the Teaming industry shaped Command and Control frameworks and Post-Exploitation capabilities.
We'll dive into today's state-of-the-art post-exploitation capabilities. We close by unveiling where this tradecraft is heading next.
Whether you are a red teamer, offensive developer, or blue team practitioner, this session offers strategic, technical and understandable insight of where the Post-Exploitation field currently is and where it is going.
Dima enjoys building things that break things and use them in operations.
At Outflank he is an offensive research & developer for Outflank Security Tooling and a red team operator.
