Vincent is heavily involved in Blue Team and Red Team. Vincent has undertaken hundreds of digital forensic and incident response engagements. His expertise includes a wide range of cases including APT attacks, web hacking, corporate litigation, employee investigations, system intrusion and data recovery. He is also the author of GIAC Gold papers, “Windows ShellBags Forensics in Depth” and "Google Chrome Notification Analysis in Depth." He has also undertaken several penetration testing engagements recent years. Vincent holds a number of the industry certifications, CISSP , GCFA Gold, GCIH Gold, GNFA, GREM, GXPN, OSCP and OSWP.
Web shells are frequently used in website attacks. They can allow attackers to bypass web servers to access underlying operating systems or databases to steal the critical information, such as user credentials. Consequently, the operating systems can be compromised through web servers. To avoid the detection and code analysis, web shells often obfuscate their codes or add login functions to conceal their features and presence. This session will demonstrate a number of web shells and their obfuscation techniques.
CYBERSEC 2024 uses cookies to provide you with the best user experience possible. By continuing to use this site, you agree to the terms in our Privacy Policy 。