- AMMO
- CFP
- CTF
- CXO Track
- Exhibition
- For You
- Hackathon
- HackerHelp
- Horror Stories from Hacker World
- Recreation
- Resume Clinic
- Schedule
- Speakers
- Sponsors
- StartVille
- Training
- Venue
- Volunteer
- Goa 2020
- AMMO
- Chirag Savla
Chirag Savla
Tool Name:
Callidus
Speaker:
Chirag Savla
Download Link:
https://github.com/3xpl01tc0d3r
Abstract:
The aim of this tool is to highlight how various O365 cloud services can be leverage as command & control communication channel. It can help to evade / avoid network level detection when the organizations are using O365 cloud services. It might also help to change the perspective of defenders when they find some unknown applications communicating with legitimate services.
This tools is developed in C# which leverages Microsoft Graph API's for communicating with O365 cloud services.
Currently the tool supports 3 O365 cloud services:
- Outlook
- OneNote
- Microsoft Teams
Bio:
Chirag Savla is a Cyber Security professional. His areas of interest include penetration testing, red teaming, defence strategies and post exploitation research. He has over 5 years of experience in Security Testing. He is an active member of a Red team and supports the Blue team in building detection strategies in his organization.
In his spare time, Chirag researches on new attack methodologies. He has presented at null(Open Security Community) and FIRST.org He blogs at https://3xpl01tc0d3r.blogspot.com/
Twitter : @chiragsavla94