HD Moore@hdm@infosec.exchange
If you missed this talk at BH/DC last week, it's worth a read: "From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion". Awesome work from Shu-Hao, Tung (123ojp) covering practical attacks on GRE and VxLAN tunnels: https://media.defcon.org/DEF%20CON%2033/DEF%20CON%2033%20presentations/Shu-Hao%20Tung%20-%20From%20Spoofing%20to%20Tunneling%20New%20Red%20Team%27s%20Networking%20Techniques%20for%20Initial%20Access%20and%20Evasion.pdf (repo: https://github.com/123ojp/GREtunnel-scanner & wp https://i.blackhat.com/BH-USA-25/Presentations/USA-25-Tung-From-Spoofing-To-Tunneling-New-wp.pdf)