From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion

[Music]

Hey everyone, I'm Steve, volunteer director at large uh with the Vancouver Island Security Research Society. We're thrilled to bring you besides Vancouver Island, a community-driven grassroots cyber security event on October 3, 2025 at the Victoria Conference Center. I'm very pleased to introduce to you Shia Ho, one of our breakout speakers. His session is titled from spoofing to tunneling new red teams networking techniques for initial access and evasion. Here's a quick overview uh which I hope does justice to his talk on what he'll be covering. Bullet points here being gaining internet access without fishing or exploits leveraging stateless tunnels like GRN VXLAN evasion tactics when source IP filtering is missing. VXLAN vulnerabilities in the Linux kernel and router OS uh and

hands-on mitigation strategies for defenders. Thank you so much for coming and meeting with me today. >> Hi everyone, I'm Shu Haong. I'm from Taiwan and I'll go to study at Vancouver Community College in this September. I usually do retaining and focus on web Windows AD and networking and I like to play with network. So I own ASN and actually this research is like I'm using some statist one and I think the status tunnel is something wrong with that and then the research were born. >> Great. Thank you. Thank you. Thank you for sharing that. So a quick question just to peique everyone's interest on your talk. What real world incidents made you realize how dangerous uh VXL

default settings can be? Actually I create a tools and it it had been released and I scanned over the internet and there's turn out like uh 900 or more endpoint response our VXL scanner and there are nearly 4,000 IP inside the VXN terminal. Also the turn inside the VXLAN terminal there are some public address. So actually everyone could hijack this public address then can abuse by attacker then it is hard to find who is attacking the real server because you can hide yourself but by the vx turn on >> right thank you that's uh it's shocking I appreciate it is there anything else that you wanted to uh touch base with before we wrap this quick uh speaker

spotlight >> this talk I already talk in Dcom and black hat USA this year. So if someone didn't attend this big event, you can join this sessions at Vancouver Iceland. So definitely don't miss out uh on uh Shoe House uh deep dive on October 3. Head over to bsidesvi.com uh to grab your tickets. Nag your pass before Friday, September 19th to secure an exclusive customdesigned black hackeresque uh t-shirt. Uh it'll definitely boost your hacker cred. We're on all the socials. uh links in the description and at besidesvi.com. Tag your posts with besides vi and let's get the conversation started. See you all in Victoria. Chang, thanks so much for being here. Okay. See you all at

like Victoria.