Join Our Live Cybersecurity Training on January 21st - Don't Miss Out!

EXPLOIT

Remote Desktop Protocol Interception with PyRDP

Learn From Cybersecurity Experts

Jan 21, 2025
⁠11AM - 1 PM (ET)

Beginner, Intermediate
& Expert

Online

Earn a CPE credit towards security certifications

RANSOMWARE

STEALER LOGS

TELEGRAM

Key Topics

Remote Desktop Protocol (RDP)

PyRDP: MITM tool and library

PyRDP Core Features

PyRDP for Red Teams

PyRDP for Blue Teams

PyRDP for Research

What key topics will be covered

Abstract of the Training

PyRDP is a Remote Desktop Protocol (RDP) monster-in-the-middle (MITM) tool and library useful in intrusion testing, and protocol and malware research. It’s a powerful tool that gathers information about adversaries. By wielding the tool well, you’ll be surprised to see what RDP can reveal.

As a research tool, PyRDP can:

Be used as part of a fully interactive honeypot
Be placed in front of a Windows RDP server to intercept malicious sessions
Replace the credentials provided in the connection sequence with working credentials to accelerate compromise and malicious behavior collection
Save a visual and textual recording of each RDP session, which is useful for investigation or to generate IOCs
Save a copy of the files that are transferred via the drive redirection feature, allowing it to collect malicious payloads.

This workshop covers most of PyRDP’s capabilities in a hands-on manner. However, due to the intricate setup required involving multiple interconnected virtual machines, the workshop will consist mostly of demos. Attendees will have a thorough understanding of RDP interception with PyRDP after the workshop.

Meet Your Instructor

Olivier Bilodeau

Principal Cybersecurity Researcher

Olivier Bilodeau is a principal cybersecurity researcher at Flare. With more than 12 years of infosec experience, Olivier runs honeypots, reverse-engineers binaries, and develops RDP interception technology. He authored several important AV industry reports such as Dissecting Linux/Moose, Operation Windigo (about the Ebury malware) and Ego-Market: When Greed for Fame Benefits Large-Scale Botnets. A passionate communicator, Olivier has spoken at several conferences, including RSAC USA, BlackHat USA/Europe, DefCon, 44CON, NorthSec, Botconf, SecTor, Derbycon, AtlSecCon and more. Invested in his community, he co-organizes MontréHack — a monthly workshop focused on applied information security —, and is NorthSec’s President, running its Hacker Jeopardy.

Level of Knowledge Required to Participate

Familiarity with Virtual Machines and advanced network configurations

Familiarity with Linux

Who is it For?

Intrusion Testers

(pentest, red team)

Security Researchers

Blue Teams Interested In Deception Activities

Who can attend the training?

How long is the training session?

How do I register for the training?

Can I ask questions during the training?

Can this training count as a CPE credit for my cybersecurity certifications?

Frequently Asked Questions

Deep Privacy in the Age of the Panopticon: OPSEC Fundamentals

Learn essential OPSEC strategies and practical lessons to safeguard your identity, protect your privacy, and navigate modern surveillance with confidence.

Reserve Your Spot

Reserve your spot today or explore all available trainings to find the perfect fit for your journey!

#stealerlogs

#ransomware

#telegram

#threatintel

Privacy Policy | Terms & Conditions

New Skills Learner Would Gain