Darkbyte

Sobre mí

Joel Gámez Molina // @JoelGMSec

● SysAdmin con más de 10 años de experiencia
● Chief Technology Officer en Cyberguard durante 2 años
● Actualmente trabajando como Security Consultant en Deloitte
● Profesor de cursos y másters de Hacking Ético, Pentesting y PowerShell
● Ponente en congresos de ciberseguridad a nivel nacional e internacional

Herramientas
AutoRDPwn – The Shadow Attack Framework
AzureGraph – Azure AD enumeration over MS Graph
Cloudtopolis – Zero Infrastructure Password Cracking
EvilnoVNC – Ready to go Phishing Platform
FakeDataGen – Full Valid Fake Data Generator
Invoke-DNSteal – Simple & Customizable DNS Data Exfiltrator
Invoke-Stealth – Simple & Powerful PowerShell Script Obfuscator
Invoke-Transfer – PowerShell Clipboard Data Transfer
PowerGram – Multiplatform Telegram Bot in pure PowerShell
PSAsyncShell – PowerShell Asynchronous TCP Reverse Shell
PSRansom – PowerShell Ransomware Simulator with C2 Server
PyShell – Multiplatform Python WebShell
Thunderstorm – Modular framework to exploit UPS devices

Ponencias
[h-c0n 2020] AutoRDPwn – The Shadow Attack Framework
[c0r0n4CON 2020] AutoRDPwn – The Shadow Attack Framework
[Black Hat USA 2020] AutoRDPwn – The Shadow Attack Framework
[Bitup 2020] Cloudtopolis – Cracking hashes in the Cloud (for free!)
[Black Hat USA 2021] Cloudtopolis – Zero Infrastructure Password Cracking
[EkoParty 2021] Cloudtopolis – Zero Infrastructure Password Cracking
[ViCON 2022] Invoke-DNSteal – Exfiltrando Información DNS Like a Boss
[EuskalHack 2022] Invoke-DNSteal – Exfiltrando Información DNS Like a Boss
[Black Hat EU 2022] Invoke-DNSteal – Exfiltrating DNS information Like a Boss
[h-c0n 2023] Thunderstorm – Turning off the lights in your Data Center
[RootedCON 2023] EvilnoVNC: Next-Gen Spear Phishing Attacks

CVE
CVE-2022-47186 – Unrestricted file Upload # [CS-141]
CVE-2022-47187 – Cross-Site Scripting via File upload # [CS-141]
CVE-2022-47188 – Arbitrary local file read via file upload # [CS-141]
CVE-2022-47189 – Denial of Service via file upload # [CS-141]
CVE-2022-47190 – Remote Code Execution via file upload # [CS-141]
CVE-2022-47191 – Privilege Escalation via file upload # [CS-141]
CVE-2022-47192 – Admin password reset via file upload # [CS-141]
CVE-2022-47891 – Admin password reset # [NetMan 204]
CVE-2022-47892 – Sensitive Information Disclosure # [NetMan 204]
CVE-2022-47893 – Remote Code Execution via file upload # [NetMan 204]

Enlaces de interés
twitter.com/JoelGMsec
github.com/JoelGMSec
buymeacoff.ee/JoelGMSec

Contacto
mypublicinbox.com/JoelGMSec
[email protected]