kubered - Recipes for C2 Operations on Kubernetes

Presented at DerbyCon 9.0 Finish Line (2019), Sept. 7, 2019, 10 a.m. (45 minutes).

This talk explores deploying and dynamically generating C2 services on Kubernetes! Everything will be extremely practical with walkthroughs of detailed deployment configurations. Building containers for popular C2 platforms, such as Cobalt Strike, and many others, will be covered. Rapidly deploying complex C2 infrastructure using tools such as Kops and Drone and managing DNS and TLS using Kubernetes will be discussed. Attendees will learn how to build complex redirecting logic to sandbag defenders, using the rewriting and filtering capabilities found in the Nginx Ingress Controller, Open Policy Agent (OPA) and the Istio Service Mesh. In addition, monitoring the health of implants using Prometheus will be reviewed.At the end, a GitHub will be released with resource files and Helm charts.


Presenters:

  • Larry Suto
    Larry Suto is an independent security consultant based out of Oakland, CA. He spends a lot of time researching using cloud infrastructure for all types of security testing. He spends some time on Windows security as well.
  • Jeff Holden
    Jeff Holden works for a large college system as an Information Security Manager/jack of all trades. His favorite part of the job though is in the penetration testing of the colleges in the system. He also contributes to open source projects and releases his own code.

Links:

Similar Presentations: