Attacking and Defending Microsoft IIS Training
2024-09-27 , Murray-Fitzroy

In this session, we will cover a variety of techniques to gain code execution on Microsoft IIS servers, ranging from simple webshells to reflectively loading .NET assemblies via exploits.

After performing each attack, we will conduct an incident response to determine what happened and discuss remediation options for recovering from this attack as well as ensuring we can better detect the technique next time.

Setup Steps: https://zeroed.tech/blog/bsides-2024/
Slides and Code: https://zeroed.tech/blog/bsides-2024-code/

Adrian (@zeroedtech) is a senior threat hunter specialising in IIS, webshells and .NET. He's a firm believer that the best way to learn defensive cyber is to understand offensive cyber.