Post by Synacktiv


Sharing cutting-edge research at x33fcon 🇵🇱

We are proud to highlight the talk delivered by our security researchers, Kévin Tellier and ☀️ Hugo Vincent, at #x33fcon, where they presented their latest research into offensive DCOM internals.

Their session provided a practical deep dive into COM/DCOM architecture, exploring the root causes behind the well-known "Potato" exploit family and analysing modern lateral movement techniques used in Windows environments.

As part of their research, our experts introduced two novel techniques:

▪️ A new variant of COMouflage enabling arbitrary executable execution.
▪️ A powerful fileless, in-memory lateral movement technique leveraging .NET deserialisation on remote systems, building upon concepts originally explored by James Forshaw.

To support research and experimentation around these attack vectors, they have also released DCOMIllusionist, their custom exploitation tool, now publicly available on GitHub.

🔗 https://lnkd.in/eJWkBVWD

A huge congratulations to Kevin and Hugo for contributing valuable research to the offensive security community and for sharing their findings with attendees at x33fcon.
