Sign up to save your podcasts
Or
Share From Spoofing to Tunnelling: New Red Team's Networking Techniques with Shu Hao Tung
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
From Spoofing to Tunnelling: New Red Team's Networking Techniques with Shu Hao Tung
From IP spoofing to GRE and VXLAN abuse, learn how attackers can quietly tunnel into your network and break your incident response trail.
In this BSides Vancouver Island 2025 talk, Shu‑Hao Tung walks through practical red team networking techniques that turn “just misconfigurations” in GRE, VXLAN, and routing protocols into reliable initial access and stealthy lateral movement paths. This session is ideal for red teamers, penetration testers, blue team defenders, network engineers, and tool builders working with on‑prem, hybrid, or cloud-connected environments. You’ll see how intranet IP spoofing can hide attacker paths from IR, how unencrypted stateless tunnels (GRE/VXLAN) and Internet exchanges can be abused for initial access, and how routing protocol issues (like OSPF on the wrong interfaces) can escalate to full domain compromise.
This session was recorded live at BSides Vancouver Island 2025 at the Victoria Conference Centre in Victoria, BC.
Subscribe to BSides Vancouver Island for more talks from local and global security practitioners, and to stay connected with the Vancouver Island security community. Join our Slack to stay up to date: https://communityinviter.com/apps/visrs/visrs. Watch more talks from the BSides Vancouver Island playlist to keep leveling up your defensive and offensive playbooks.
BSides Vancouver Island returns to the Victoria Conference Centre in Victoria, BC on Friday, September 25, 2026. Stay tuned for sponsorship, speaker, attendance, and volunteering opportunities.
View all episodes
By From IP spoofing to GRE and VXLAN abuse, learn how attackers can quietly tunnel into your network and break your incident response trail.
In this BSides Vancouver Island 2025 talk, Shu‑Hao Tung walks through practical red team networking techniques that turn “just misconfigurations” in GRE, VXLAN, and routing protocols into reliable initial access and stealthy lateral movement paths. This session is ideal for red teamers, penetration testers, blue team defenders, network engineers, and tool builders working with on‑prem, hybrid, or cloud-connected environments. You’ll see how intranet IP spoofing can hide attacker paths from IR, how unencrypted stateless tunnels (GRE/VXLAN) and Internet exchanges can be abused for initial access, and how routing protocol issues (like OSPF on the wrong interfaces) can escalate to full domain compromise.
This session was recorded live at BSides Vancouver Island 2025 at the Victoria Conference Centre in Victoria, BC.
Subscribe to BSides Vancouver Island for more talks from local and global security practitioners, and to stay connected with the Vancouver Island security community. Join our Slack to stay up to date: https://communityinviter.com/apps/visrs/visrs. Watch more talks from the BSides Vancouver Island playlist to keep leveling up your defensive and offensive playbooks.
BSides Vancouver Island returns to the Victoria Conference Centre in Victoria, BC on Friday, September 25, 2026. Stay tuned for sponsorship, speaker, attendance, and volunteering opportunities.