Dani Goland
[Net Alpha Financial Systems]
At the age of 20, Dani Goland founded his own boutique company for innovative software and hardware solutions.

He is a certified AWS Cloud Solutions Architect. While gaining experience in business and finance, Dani did not neglect his hands-on capabilities in both making and breaking systems.

Dani recently relocated from Israel to the United States to study Data Science at the prestigious UC Berkeley. During his studies, Dani founded VirusBay, a collaborative malware research community that skyrocketed amongst the global security community with over 2500 researchers.

Dani spoke at numerous cybersecurity conferences such as BlackHat USA, CodeBlue Japan, CONfidence, SEC-T, and more. After serving in the Israeli Defense Forces as a commander of a Field Intelligence unit, Dani went on an 8-month journey across South America. He loves snowboarding, music concerts, and having crazy, breathtaking experiences such as spending 5 days in the Bolivian Jungle with no food or water.

From The Cloud To The Ground

Technical Level (3 being the highest score): 3

When we decided to combine forces and simulate a total take over of a modern organization, we never expected to find what we did.

Starting researching the modern DevOps landscape, Dani ended up abusing serverless functions, Service Meshes, Service Discovery, and discovering new attack vectors such as SMesh poisoning which proved to have devastating consequences.

It started as simple MITM attacks by impersonating services on a service mesh, to data tampering, novel persistence techniques, attacking the CI/CD process for supply chain type attacks, and various privilege escalation techniques.

Finally, Dani will demonstrate a weaponization of a new RCE for taking over a machine running a DB service on the cloud which is a key service with connection to most services so lateral movement is a breeze.

Mo takes the baton from Dani after taking over the important parts of the cloud environment and leveraging the ADFS server as a strategic pivot point gaining access to the wire.

Pivoting from the Cloud into the organization's Internal network all without social engineering, started a skydiving adventure from the cloud to the ground, landing in the organization’s on-premise environment and creating a sophisticated kill chain using AMSI bypasses, undetectable C2’s, undetectable .NET payloads, bypassing relay mitigations and many more techniques discovered in the past year.

All in the path of glory to take over the Cloud, the Ground(Domain Controller), and your prized assets.

Secure your place now!