MEATPISTOL, A Modular Malware Implant Framework

Presented at DEF CON 25 (2017), July 28, 2017, 5 p.m. (45 minutes)

Attention Red Teamers, Penetration Testers, and Offensive Security Operators, isn't the overhead of fighting attribution, spinning up infrastructure, and having to constantly re-write malware an absolute pain and timesink!?! It was for us too, so we're fixing that for good (well, maybe for evil). Join us for the public unveiling and open source release of our latest project, MEATPISTOL, a modular malware framework for implant creation, infrastructure automation, and shell interaction. This framework is designed to meet the needs of offensive security operators requiring rapid configuration and creation of long lived malware implants and associated command and control infrastructure. Say goodbye to writing janky one-off malware and say hello to building upon a framework designed to support efficient yoloscoped adversarial campaigns against capable targets.

Presenters:

• Josh Schwartz / FuzzyNop - Director of Offensive Security @ Salesforce   as FuzzyNop (Josh Schwartz)
  FuzzyNop and ceyx were raised by computerized wolves with a penchant for fine art and rum based cocktails. While technically from different mothers and also sides of the world, they formed the first cyber wolf brothership shell-bent to ameliorate the state of targeted malware implants to support the ongoing war against the institutionalized mediocrity of the corporate shadow government. Working in tandem with dolphin researchers funded by the oligarch llamas they have found a way to synthesize powdered ethanol into mechanical pony fuel. Leading Offensive Security functions at Salesforce is merely a front to confuse the saurian overlords of their true purpose yet to be revealed...
• John Cramb / ceyx - Hacker   as ceyx (John Cramb)
  FuzzyNop and ceyx were raised by computerized wolves with a penchant for fine art and rum based cocktails. While technically from different mothers and also sides of the world, they formed the first cyber wolf brothership shell-bent to ameliorate the state of targeted malware implants to support the ongoing war against the institutionalized mediocrity of the corporate shadow government. Working in tandem with dolphin researchers funded by the oligarch llamas they have found a way to synthesize powdered ethanol into mechanical pony fuel. Leading Offensive Security functions at Salesforce is merely a front to confuse the saurian overlords of their true purpose yet to be revealed...

Links:

• https://defcon.org/html/defcon-25/dc-25-speakers.html#FuzzyNop
• https://infocon.org/cons/DEF CON/DEF CON 25/DEF CON 25 video and slides/DEF CON 25 - Josh Schwartz and John Cramb - MEATPISTOL and A Modular Malware Implant Framework.mp4
• https://infocon.org/cons/DEF CON/DEF CON 25/DEF CON 25 video and slides/DEF CON 25 - Josh Schwartz and John Cramb - MEATPISTOL, A Modular Malware Implant Framework.srt (subtitles)
• https://www.youtube.com/watch?v=dbIdo9ilEIY

Similar Presentations:

• ekoparty 14 (2018) / To Execute or Not to Execute. How to Build a Malware Execution Lab
• HushCon Seattle 2016 / Introducing MEATPISTOL, A Modular Malware Framework
• BruCON 0x09 (2017) / MEATPISTOL, A Modular Malware Implant Framework