2025-11-02 –, Hall 2
This presentation explores the capability of Python in the cybersecurity space. It covers how an attacker can easily setup a Command and Control (C2) server, and remotely encrypts / decrypts files in a victim's device. It features an integration with a popular chatting / streaming software, now everyone can become a commander.
MITRE ATT&CK is a well-known threat modeling framework that breaks down real-life attackers' actions to help cybersecurity professionals better understand their attack life cycle. Key phases include reconnaissance, initial access, lateral movement, command and control, as well as defense evasion.
The presentation will focus on the command and control (C2) phase, alongside with ransomware attack in action.
Yen Wai is a certified cybersecurity consultant with expertise in penetration testing and red teaming domains. She is not only an active CTF player, but also the organizer for various Capture the Flag (CTF) events in the past, which includes Battle of Hackers, Girls in CTF etc. As a person who is passionate in building the cybersecurity community in Malaysia, you will always find her involvement in different conferences. She was also a panelist for Youth in Cyber panel discussion at CYDES.