Skip to content

0xdeaddood

Menu
  • Blog
  • Talks
  • Advisories
  • About
Menu

Talks

Sometimes I talk in public. I enjoy sharing knowledge 🤓.

2024

¿Cómo es el arsenal de un grupo APT latinoamericano?

Ekoparty Security Conference (RedTeam Space). Buenos Aires, Argentina

Ransomware, troyanos open-source y malware a medida: dos grupos APT latinos, dos estilos un mismo objetivo. Vamos a explorar cómo estos actores buscan el control total con sus estrategias y herramientas.

2023

Free beer! Now that I have your attention, let’s talk about malvertising

Ekoparty Security Conference (BlueSpace). Buenos Aires, Argentina

Coauthor: @lisandro_ubiedo

Picture this: you’re a content creator, excited to try new video streaming software recommended by a follower. But a simple download turns into a nightmare as your digital life gets hijacked. Welcome to malvertising. Let’s uncover together the current state of this technique. P.S. No free beer.

2021

The Kerberos Key List attack: The return of the Read Only Domain Controllers

Ekoparty Security Conference. Buenos Aires, Argentina

Microsoft wants Azure everywhere and following that premise, the company has implemented several features in this platform. From an authentication point of view, the most interesting ones are the passwordless scenarios. A short time ago, Microsoft released a new functionality that enables passwordless authentication with security keys in Azure environments. This offers us a seamless SSO experience, but under the hood there is something else: the return of the Read Only Domain Controllers. In this talk I’ll introduce a new attack vector against the RODCs using the Kerberos Key List request messages.

SLIDES
BLOG

The art of war of Browser Fingerprinting

Ekoparty Security Conference (BlueSpace). Buenos Aires, Argentina

Coauthor: @florencia_rao

Browser fingerprinting is a technique that can be used to uniquely identify users or devices via a website. It can be used for good, in authentication schemes, or for bad, in tracking systems. This situation started an arms race between browsers and those who use fingerprinting to identify users.

Being the good guys, what strategy do we use to continue to identify our legitimate users? How can we maximize the effectiveness of this technique?

SLIDES
BLOG

Security Researcher 🏴‍☠️ 

Authentication & Identity 🔑 | Threat Hunting 👹 | Malware Reversing 👾 | Impacket 🚀

Recent Posts

  • Impacket v0.11.0 Now Available
  • Forging Tickets in 2023
  • Relaying Everything: Coercing Authentications Episode 1 – MSSQL

Archives

Categories

  • Authentication
  • Bitcoin
  • Data breach
  • Impacket
  • Malware
  • Phishing
  • Vuln disclosure
Tweets by 0xdeaddood
© 2025 0xdeaddood | Powered by Minimalist Blog WordPress Theme