SWGRecon: Automating SWG Rules, Policies and Bypasses

This conference talk explores how Secure Web Gateways (SWGs) can be analyzed and potentially bypassed using automated techniques. Learn how attackers conduct reconnaissance against SWGs to identify vendors and locations, reconstruct rules and policies to find weaknesses, and bypass protections to deliver malicious content. Discover SWGRecon, a new tool that automates SWG enumeration and bypass identification, with demonstrations of how it fingerprints leading SWG vendors, injects JavaScript to test enterprise defenses, and real-world case studies of successful bypasses. Presented by Vivek Ramachandran at Recon Village during DEF CON 32, this session is valuable for penetration testers, red teamers, and enterprise security professionals looking to understand and strengthen their defenses against SWG-based threats.