From Spoofing to Tunnelling: New Red Team's Networking Techniques with Shu Hao Tung

From IP spoofing to GRE and VXLAN abuse, learn how attackers can quietly tunnel into your network and break your incident response trail. In this BSides Vancouver Island 2025 talk, Shu‑Hao Tung walks through practical red team networking techniques that turn “just misconfigurations” in GRE, VXLAN, and routing protocols into reliable initial access and stealthy lateral movement paths. This session is ideal for red teamers, penetration testers, blue team defenders, network engineers, and tool builders working with on‑prem, hybrid, or cloud-connected environments. You’ll see how intranet IP spoofing can hide attacker paths from IR, how unencrypted stateless tunnels (GRE/VXLAN) and Internet exchanges can be abused for initial access, and how routing protocol issues (like OSPF on the wrong interfaces) can escalate to full domain compromise. This session was recorded live at BSides Vancouver Island 2025 at the Victoria Conference Centre in Victoria, BC. Subscribe to BSides Vancouver Isl