Zuthaka: A Command & Controls (C2s) integration framework

Presented at DEF CON 30 (2022), Aug. 12, 2022, 10 a.m. (115 minutes)

The current C2s ecosystem has rapidly grown in order to adapt to modern red team operations and diverse needs (further information on C2 selection can be found here). This comes with a lot of overhead work for Offensive Security professionals everywhere. Creating a C2 is already a demanding task, and most C2s available lack an intuitive and easy to use web interface. Most Red Teams must independently administer and understand each C2 in their infrastructure. Zuthaka presents a simplified API for fast and clear integration of C2s and provides a centralized management for multiple C2 instances through a unified interface for Red Team operations. A collaborative free open-source Command & Control development framework that allows developers to concentrate on the core function and goal of their C2. Zuthaka is more than just a collection of C2s, it is also a solid foundation that can be built upon and easily customized to meet the needs of the exercise that needs to be accomplished. This integration framework for C2 allows developers to concentrate on a unique target environment and not have to reinvent the wheel. After we first presented Zuthakas' MVP at Black hat USA 2021 and DEFCON demo labs, we are now presenting the first release with updated post-exploitation modules to support text based modules, as well as file based ones. With a lab populated of commonly used C2s and its out-of-the-box integrations. Audience: Red team operators, wishing a centralized place to handle all C2s instances. C2 developers, wishing to save the effort of writing the Frontend. Hackers, wishing a strong infrastructure to run C2s.

Presenters:

• Alberto Herrera
  Alberto began his journey in cybersecurity in a consulting firm, where he worked with one of the biggest telecommunication companies of the region. He continued as an advisor on the National Cyber-Defence Initiative for the Argentina Armed Forces where he worked on many high-level government programs which required elevated security clearance. He also worked for Immunity, a prominent offensive security firm that serves the financial sector, and large enterprises, where he performed cybersecurity assessments for Forbes 100 companies. In his spare time, he is a retro gaming evangelist, where he applies his hardware-hacking and low-level programming skills on different architectures.
• Lucas Bonastre
  Lucas started his career studying Mathematics at the University of Buenos Aires, however when his uncle gave him a C++ book, he realized his true passion for programming and his outstanding ability for problem-solving. He worked across cybersecurity and technology firms and is a vetted developer in many languages such as C/C++, Python, Java, and PHP. Now he is a full time developer and security researcher at Pucara Information Security. In his spare time, he is an expert chess player, and he is studying Computer Vision to analyze foosball strategies.

Similar Presentations:

• DEF CON 31 (2023) / Long Live the Empire: A C2 Workshop for Modern Red Teaming Workshop
• HushCon East 2023 / His Palms are Sweaty, C2s up, Implants Ready, There's Passwords Coming in Already: Fall2020
• Black Hat Asia 2021 Virtual / Domain Borrowing: Catch My C2 Traffic if You Can