Nikos Vourdas
Senior Offensive Security Consultant
Chicago, Illinois, United States
Actions
Nikos Vourdas, also known as nickvourd or NCV, is a Senior Offensive Security Consultant based in the US. With over five years of professional experience, he has actively participated in various global Tiber-EU and iCAST Red Teaming engagements. Regardless of his young age, Nikos has conducted full Red Teaming operations to major clients across retail, banking, shipping, construction industries. He holds OSCE3, OSCP, OSWP, CRTL, CRTO and OASP certifications. Also, he has previously presented at DEF CON, DevSecCon, and various BSides events around the world. Nikos loves contributing to open-source projects and always starts his day at 05:00 AM with a refreshing jog while listening to French rap music.
Area of Expertise
Topics
Local Admin in less than 60 seconds [My guilty pleasure]
Local Privilege Escalation, also known as LPE, refers to the process of elevating user privileges on a computing system or network beyond what is intended, granting unauthorized access to resources or capabilities typically restricted to higher privilege levels. Gaining local admin privileges during red teaming significantly enhances the potential for lateral movement and access to additional resources. Modern environments offer unprecedented opportunities to gain local admin privileges more easily than one might imagine. The days of relying solely on traditional techniques such as exploiting unquoted service paths, weak service permissions, misconfigured AlwaysInstallElevated policies etc. are long gone (still possible but rare). Thus, in this presentation, we will explore together some alternative and realistic methods for escalating privileges and moving laterally within an internal network, inspired by my recent engagements.
Introduction to COM Hijacking
During long term adversary simulations engagements, host persistence is an useful method of regaining access to a compromised workstation or server, without having to exploit the initial foothold all over again. COM object hijacking is an unique technique in which a default system-wide COM Object can be replaced by a malicious software and load in its place. In this presentation we will explore together ways to implement COM Hijacking via CLSID, ProgID, Task Scheduler, Missing Libraries and others.
Security BSides Athens 2024 Sessionize Event
BSides Tirana 2022 Sessionize Event
Nikos Vourdas
Senior Offensive Security Consultant
Chicago, Illinois, United States
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top