Playing hide and seek in Java land
A comparison between conventional and supply chain attack patterns in Java.
In this talk, we introduce new Java post-exploitation tools while exploring the possibilities and challenges in performing dropping, command & control, persistence, privilege escalation, secret stealing, and lateral movement inside a Java environment.
This talk compares the steps of conventional RCE exploitation in Java with supply chain-based attacks. Using a combination of known but underutilized attack techniques, the "living off the Java land" attack path challenges assumptions about how attackers may behave to avoid detection after gaining a foothold in a Java process. This talk also explains detection points that a defender can monitor to increase their threat detection capabilities.