Click here to Download this video
Tool Demo – DolosJS | Forrest Kasler | WWHF Deadwood 2022
Wild West Hackin' Fest Wild West Hackin' Fest
52.9K subscribers
223 views
0

 Published On Jun 14, 2023

Join us at the annual information security conference in Deadwood, SD (in-person and virtually) — Wild West Hackin' Fest: https://wildwesthackinfest.com/

DolosJS is a NAC bypass tool that was designed to be cheap to build, easy to deploy, and extremely hard to detect. DolosJS runs on a NanoPi R2S, making it both small and cheap. The DolosJS software autoconfigures the NAC bypass, making it the perfect penetration testing drop box. Operators can simply plug it into the target network and walk away. The project also includes setup scripts to allow the DolosJS device to call home over cellular LTE networks, ensuring that command-and-control (C2) communications never traverse the target network’s perimeter. When remote access over LTE is not required, the project includes setup scripts to establish C2 over Ethernet, WiFi, or Zerotier/VPN.

Forrest Kasler is a full time Penetration Tester and Social Engineer. As a lifelong nerd and hacker, Forrest loves automating advanced network attacks for his team. He has authored multiple open-source tools for the penetration testing community to address common challenges in day-to-day operations. Key research topics include: NAC bypass, MFA bypass, advanced MitM attack vectors, advanced OSINT, SMTP weaknesses, distributed brute force attacks, offensive data mining, and malware development.


///Black Hills Infosec Socials
Twitter:   / bhinfosecurity  
Mastodon: https://infosec.exchange/@blackhillsi...
LinkedIn:   / antisyphon-training  
Discord:   / discord  

///Black Hills Infosec Shirts & Hoodies
https://spearphish-general-store.mysh...

///Black Hills Infosec Services
Active SOC: https://www.blackhillsinfosec.com/ser...
Penetration Testing: https://www.blackhillsinfosec.com/ser...
Incident Response: https://www.blackhillsinfosec.com/ser...

///Backdoors & Breaches - Incident Response Card Game
Backdoors & Breaches: https://www.backdoorsandbreaches.com/
Play B&B Online: https://play.backdoorsandbreaches.com/

///Antisyphon Training
Pay What You Can: https://www.antisyphontraining.com/pa...
Live Training: https://www.antisyphontraining.com/co...
On Demand Training: https://www.antisyphontraining.com/on...
Antisyphon Discord:   / discord  
Antisyphon Mastadon: https://infosec.exchange/@Antisy_Trai...

///Educational Infosec Content
Black Hills Infosec Blogs: https://www.blackhillsinfosec.com/blog/
Wild West Hackin' Fest YouTube:    / wildwesthackinfest  
Antisyphon Training YouTube:    / antisyphontraining  
Active Countermeasures YouTube:    / activecountermeasures  
Threat Hunter Community Discord:   / discord  

show more

Share/Embed

Up next Autoplay