Evading Modern Defenses when Phishing with Pixels
This talk demonstrates a technique for bypassing email security filters and sandbox analysis by obfuscating phishing content using HTML tables instead of images or plain text. By rendering keywords as individual table cells with specific background colors, the payload evades automated detection systems that rely on image recognition or keyword filtering. The speaker introduces a tool called QRuciable to automate the generation of these obfuscated HTML templates. This approach effectively hides malicious content from security solutions while maintaining a legitimate appearance for the end user.
Bypassing Email Security Filters with HTML Table Obfuscation
TLDR: Modern email security solutions often rely on image recognition and keyword filtering to detect phishing attempts. By rendering phishing content as a series of individual HTML table cells rather than plain text or images, attackers can effectively bypass these automated defenses. This technique, demonstrated at DEF CON 2024, allows malicious payloads to reach the inbox while remaining invisible to standard security scanners.
Phishing remains the most reliable entry point for red team engagements and real-world threat actors alike. While defenders have moved toward sophisticated sandbox analysis and AI-driven content inspection, the fundamental delivery mechanism—the email—has remained largely unchanged. Most security products, including those integrated into Microsoft 365, rely on parsing email bodies for known malicious patterns, keywords, or embedded images. If you can change the way the email is structured without changing how it renders for the end user, you can effectively blind these automated systems.
The Mechanics of Table-Based Obfuscation
The core of this technique lies in exploiting the way email clients render HTML. Most modern email clients, such as Apple Mail or the web version of Outlook, are essentially mini-browsers. They interpret HTML and CSS to display content. However, security filters often struggle to parse complex, nested HTML structures, especially when those structures are used to "draw" content rather than simply display it.
Instead of sending a standard text-based phishing email or an image attachment, you can use HTML tables to construct the message. By defining a table with specific cell dimensions and background colors, you can represent text or QR codes as a grid of colored pixels. To a human, the email looks like a standard, legitimate request for multi-factor authentication (MFA) re-enrollment. To a security scanner, the email body appears as a collection of empty or styled table cells, devoid of the keywords or image signatures that would typically trigger a block.
This approach is particularly effective against Microsoft Defender for Office 365, which often tags URLs extracted from images but fails to identify the same content when it is constructed via CSS-styled table cells.
Automating the Payload with QRuciable
Manually crafting these tables is tedious, which is why the release of QRuciable is a significant development for red teamers. This tool automates the process of taking a standard HTML template and injecting obfuscated content. It uses BeautifulSoup to parse the HTML, identifies the target keywords or QR codes, and replaces them with the table-based representation.
The workflow is straightforward:
- Identify the keywords or QR codes you want to obfuscate.
- Render the content as an image.
- Use pytesseract to identify the boundaries of the content within that image.
- Convert those boundaries into a grid of HTML table cells.
- Inject the resulting table back into the original HTML template.
The following snippet illustrates how the tool handles the conversion of a QR code into a table structure:
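    # Simplified logic for generating table-based QR codes
    # qr_code_matrix holds one colour string per QR module; this 2x2 value is a
    # constructed placeholder so the snippet runs on its own.
    qr_code_matrix = [["#ffffff", "#000000"], ["#000000", "#ffffff"]]
    html_code = "<table>"
    for row in qr_code_matrix:
        html_code += "<tr>"
        for cell in row:
            # As written, the cell colour is the opposite of the matrix entry
            color = "#000000" if cell == "#ffffff" else "#ffffff"
            html_code += f"<td style='background-color: {color};'></td>"
        html_code += "</tr>"
    html_code += "</table>"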
By using this method, you are not sending an image file that can be scanned by an OCR engine. You are sending a block of HTML that the email client renders so that it looks like an image. Because there is no actual image file attached to the email, the security filter has nothing to "see."
Real-World Applicability and Limitations
During a penetration test, this technique is most effective when targeting organizations that rely heavily on automated email security solutions without robust manual review processes. It is particularly useful for bypassing T1566: Phishing detections. When you are on an engagement, you can use this to deliver payloads that would otherwise be flagged immediately.
However, there are prerequisites. The most significant limitation is the rendering engine of the target's email client. As noted in the research, the Outlook desktop client is notoriously "sassy" regarding HTML and CSS support. It often fails to render complex table-based layouts correctly, which can break the visual appearance of your phishing email. If the email looks broken, the user is far less likely to interact with it. Always test your template against the specific email client used by your target organization before launching a full-scale campaign.
Defensive Considerations
Defenders should focus on behavioral analysis rather than static content inspection. If your security product is only looking for known malicious strings or image hashes, it will continue to miss these types of obfuscated attacks. Instead, look for anomalies in email structure. An email body that consists almost entirely of thousands of tiny, empty table cells is a strong indicator of an attempt to bypass content filters.
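An added example (not from the talk or from QRuciable) of the structural check described above: it counts table cells that carry a background colour but no content and flags bodies dominated by them. The names `CellStats` and `analyse` and both thresholds are assumptions; 400 sits just under the 441 modules of the smallest (21x21) QR code.

```python
import re
from html.parser import HTMLParser

BG = re.compile(r"background(?:-color)?\s*:", re.I)  # inline colour declaration

class CellStats(HTMLParser):
    """Counts table cells that are painted with a colour but hold no content."""
    def __init__(self):
        super().__init__()
        self.cells = self.painted_empty = 0
        self._open = []  # one [is_painted, has_content] entry per open cell

    def _mark(self):  # every cell that is currently open now has content
        for cell in self._open:
            cell[1] = True

    def handle_starttag(self, tag, attrs):
        if tag in ("td", "th"):
            a = dict(attrs)
            self._mark()  # a nested cell is content of its parent cells
            self.cells += 1
            painted = bool(a.get("bgcolor") or BG.search(a.get("style") or ""))
            self._open.append([painted, False])
        elif tag == "img":
            self._mark()

    def handle_endtag(self, tag):
        if tag in ("td", "th") and self._open:
            painted, has_content = self._open.pop()
            if painted and not has_content:
                self.painted_empty += 1

    def handle_data(self, data):
        if data.strip():
            self._mark()

def analyse(html, min_cells=400, min_ratio=0.8):
    """Flag bodies dominated by painted, empty cells (thresholds are assumptions)."""
    p = CellStats()
    p.feed(html)
    p.close()
    ratio = p.painted_empty / p.cells if p.cells else 0.0
    return {"cells": p.cells, "painted_empty": p.painted_empty,
            "suspicious": p.painted_empty >= min_cells and ratio >= min_ratio}

# Constructed samples: a 21-row painted grid and an ordinary layout table
ROW = "<tr>" + "<td style='background-color:#000'></td><td bgcolor='#fff'></td>" * 11 + "</tr>"
GRID = "<p>Scan to continue</p><table>" + ROW * 21 + "</table>"
NEWSLETTER = "<table><tr><td bgcolor='#eee'>Update</td><td><table><tr><td>Item</td></tr></table></td></tr></table>"
```

Legitimate marketing mail also uses coloured spacer cells, so the result works best as one scoring signal among several rather than as a verdict.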
Furthermore, organizations should follow the best practices under OWASP A07:2021 – Identification and Authentication Failures by moving away from SMS or email-based MFA toward FIDO2-compliant hardware security keys. If your users are not reliant on clicking links in emails to "re-enroll" their MFA, the effectiveness of this phishing technique drops to near zero.
This research serves as a reminder that security is a cat-and-mouse game. As soon as we build better filters, attackers find new ways to hide their intent. The next time you are running a phishing simulation, consider how your own security stack would handle a message that contains no text, no images, and no malicious links—only a grid of colored table cells. It is a simple, effective, and highly disruptive technique that deserves a place in your toolkit.