This workshop covers modern netflow correlation and web traffic fingerprinting attacks and countermeasures in practice, with a focus on Tor, i2p, nym, and other publicly accessible anonymity tools. Most of the academic literature focuses on how to perform these types of attacks only in theory. In practice they are difficult to set up and require extensive collaboration between backbone-positioned adversaries. One would hope that these adversaries are careful, accountable, well-resourced, and not beholden to the interests of private corporations. William will first describe the state of the art for these attacks, including netflow correlation, web traffic fingerprinting, active traffic disruption, and throttling. He'll then detail an end-to-end pipeline for legally spinning up a C2 server with full non-attribution, enabled using publicly available infrastructure.