Coursera Plus Annual is 40% Off — Ends July 6.

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

ClickOnce and You're in - When Appref-ms Abuse is Operating as Intended

Black Hat via YouTube

Start learning Write review
University of the People Ad

Earn Your CS Degree, Tuition-Free, 100% Online!

Learn More → Financial Edge Ad

The Private Equity Associate Certification

Learn More →

Overview

AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Explore the intricacies of .appref-ms files and their potential for malicious exploitation in this 25-minute Black Hat conference talk. Dive deep into the functionality and operation of these files, uncovering methods to leverage them for nefarious purposes. Gain insight into the user experience during execution and learn additional techniques to enhance and conceal malicious capabilities. Examine topics such as ClickOnce technology, application deployment, lateral movement, and command and control management, complete with a live demonstration. Walk away with three key takeaways to better understand and defend against this potential security threat.

Syllabus

Intro
Speaker Introduction
The End of the Golden Age
A New Light Arises
A ClickOnce Summary
Application Deployment
Lateral Movement Rundown
C2 Management - Demo
3 Takeaways

Taught by

Black Hat

Reviews

Start your review of ClickOnce and You're in - When Appref-ms Abuse is Operating as Intended

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.