Evil Twin Techniques For Real World Exploitation
Details
Most people hear "Evil Twin" and think fake login page at a coffee shop. Harvest some passwords, call it a day.
That's the tutorial version. That's not what this talk is about.
Harold "superkojiman" Rodriguez is going to show what happens when you actually build out Evil Twin infrastructure and use it as a real attack platform. Not just phishing — direct methods of gaining access to target systems. The tooling, the infrastructure, the tradecraft. How a technique most people write off as basic becomes a legitimate entry point in an engagement.
What we'll cover:
- How Evil Twin setups go way beyond credential harvesting
- Direct methods for gaining access to target systems
- Attack chains that start with network positioning
- Real-world scenarios where these techniques actually matter
- The defensive gaps most security teams miss
About the speaker:
Harold has been doing this for over 15 years. Red team operations, penetration testing, vulnerability research, exploit development — the full spectrum. He's authored boot2root and CTF challenges, built open-source security tools, and written tutorials that have been floating around the community for years. If you've done any offensive security training or CTF work, there's a good chance you've run into his stuff.
Details:
- Thursday, April 16, 2026
- Doors at 6:30 PM. Talk starts shortly after.
- Stan, 100 Queens Quay East, Toronto
Stick around after for the hallway track. That's where half the good conversations happen.
DC416 is Toronto's DEFCON group. Monthly meetups. Technical talks. No vendor pitches. No fluff.