DeepSec 2025 Talk: How To Breach: From Unconventional Initial Access Vectors To Modern Lateral Movement – Benjamin Floriani & Patrick Pongratz
The perpetual cat-and-mouse game between attackers and defenders has pushed offensive security operators to innovate. While enterprise security teams have become adept at identifying and blocking malicious Office documents, suspicious executables, and known phishing URLs, a significant blind spot often remains: the gray area of “benign” file formats that are implicitly trusted by both users and security tools. This talk will arm attendees with the knowledge to identify and leverage these blind spots in red team engagements. We will begin by exploring the strategic shift from noisy, high-volume attacks to stealthy, low-profile techniques designed to circumvent modern EDR, email gateways, and web proxies. We’ll discuss why certain file types and delivery mechanisms succeed where others fail, focusing on the technical elements that make them effective. This includes exploiting the browser’s rendering engine and abusing