Black Hat USA 2024

The Y-Security team will be at the Black Hat ARSENAL USA 2024 on the 7th and 8th of August 2024 in Las Vegas, USA. Make sure to meet up with us in case you are around.

Arsenal brings together researchers and the open-source community to showcase their latest open-source tools and products in an open, conversational, and virtual environment where presenters are able to interact with the attendees. Arsenal is now featuring the Lab at all regional events. The Arsenal Lab is an interactive, hands-on environment designed for hacking enthusiasts of all skill-level to learn about specialized tools and targets that may be difficult to access otherwise. Join our industry experts to discover new skills or take existing skills to the next level.

We will present on our newest tooling called StealthGuardian – Automatic TTP Analysis which can be used for Red Teams and other Adversary Simulations to protect payloads from Blue Teams.

In more detail, StealthGuardian is a middleware layer that can be combined with adversary simulation tools to verify the resistance, detection level and behaviour detection of executed actions against defined defence mechanisms. Based upon the results the tool decides if it would be safe to execute the action or let the Red Team know that the action has been detected.

The tool has been developed to assist Red Teams during adversary simulations and automatically executes actions against a sandbox, e.g. integrating the same defence mechanisms as the target, and analyse the detection level of the executed action by observing logfiles and alarm messages of defence tools.

In our demo Christian and Sven will present an integration for Fortra’s Cobalt Strike threat emulation tool. We will release the tool on GitHub after the presentation at Black Hat ARSENAL USA 2024.

Additionally, everyone from the Y-Security team will be in Las Vegas for Defcon (08. August – 11. August) and BSides LV (06. August – 07. August). We are excited to meet any new and old contacts. Please reach out to us so that we can arrange a meet-up.

Co-Founder / Advanced Attack Simulation Specialist
Co-Founder / Advanced Attack Simulation Specialist
Advanced Attack Simulation Specialist