Coursera Plus Annual is 40% Off — Ends June 29.

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

A Journey of Payload Delivery

via YouTube

Start learning Write review
Coursera Ad

Learn AI, Data Science & Business — Earn Certificates That Get You Hired

Learn More → Simplilearn Ad

Build AI Apps with Azure, Copilot, and Generative AI — Microsoft Certified

Learn More →

Overview

AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Explore payload delivery techniques in this 24-minute conference talk from Derbycon 2018. Delve into the intricacies of sending payloads, understanding different customer types, and implementing inflight detection and payload sampling. Learn about primary goals, including the use of Firefox Send, Web Crypto API, and browser encryption to avoid traffic inspection. Discover strategies to reach payloads from customer networks, minimize attribution, and reduce responses from link inspectors. Examine the weaponization of file-sharing services, Web Preview API, DNS, and TXT records in master-slave operations. Gain insights into Firefox operations and potential defenses against these techniques.

Syllabus

Introduction
What happens when you send a payload
Two types of customers
Inflight detection
Payload sampling
Primary goals
Firefox Send
Web Crypto API
Browser Encryption
Avoid Traffic Inspection
Reach for payload from customer network
Minimize attribution
Minimize response from link inspectors
Weaponize filesharing services
Web Preview API
DNS
Broker
TXT Record
Master Slave
Firefox Operation
Defenses
Conclusion

Reviews

Start your review of A Journey of Payload Delivery

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.