Introducing Bruiser: A Small and Sneaky Backdoor for Windows

Presented at DerbyCon 7.0 Legacy (2017), Sept. 22, 2017, 6 p.m. (55 minutes)

Bruiser was developed to help Information Security professionals emulate advanced techniques seen in the wild. This backdoor leverages steganography and social media to create a stealthy and unpredictable command and control channel. Each implant incorporates unique encryption, and a server based control center allows an operator to easily manage multiple implants at a time. In this talk we'll cover how Bruiser came about, its features and how you can use it to take your engagements to a new level. Jared Haight is a member of the Windows and Devices Group Red Team at Microsoft. Before joining Microsoft he spent many years in security and operations related positions. When he's not making the world a safer place he enjoys learning and creating new and subversive ways to attack networks and hiking (not always at the same time). @jaredhaight

Presenters:

• Jared Haight

Links:

• https://www.derbycon.com/friday-schedule/#event-53

Similar Presentations:

• DerbyCon 8.0 Evolution (2018) / The Unintended Risks of Trusting Active Directory