Overview
The course covers the identification and exploitation of vulnerabilities in signed Microsoft Office add-ins for phishing purposes. Participants will learn about code side-loading in signed Office documents, including the process of finding, exploiting, and weaponizing these vulnerabilities. The course aims to equip learners with the skills to understand the complexities in mitigating such security risks. The intended audience for this course includes cybersecurity professionals, IT professionals, and individuals interested in understanding advanced phishing techniques in Microsoft Office environments.
Syllabus
07 - BruCON 0x0E - LOLDocs: Sideloading in Signed Office files - Pieter Ceelen & Dima van de Wouw
Taught by
BruCON Security Conference