Let's be bad people! (Day 1)

Presented at Kiwicon 2038AD: The Dystopic Future is Now (2018), Nov. 14, 2018, 9 a.m. (480 minutes)

This course is designed to up your quiet game. In the recent years, blue teams have grown complacent with new tools and telemetry. They don't actively hunt unless a tool tells them a box is interesting. In this course, you will learn how to tunnel your comms, stand up C2 infrastructure to be misleading, encrypt you traffic, create diversions, and other escape and evasion techniques to hide from the blue team. This course focuses on hiding on the network as well as in the system. We'll be targeting a windows environment hosted in the cloud. Course Outline DAY 1 - Getting details sorted - Standing up infrastructure / machines / software - Walking the perimeter - Identifying what the blueteam can see - Deciding what to hide, how and where to hide it - Validating configurations, checking to make sure we're sneaky sneaky DAY 2 - Adding layers of obfuscation - Lateral movement - Target identification and exfiltration - Playtime Prerequisites This course is for senior pentest types and redteam types. Or anyone else that has the requisite knowledge. * You must be familiar with linux cmdline (kali or ubuntu is fine), you must have experience with msfvenom, metasploit and empire. * You must have basic knowledge of linux subsystems. * You must be able to quickly edit files (vi, nano etc), restart services in linux, and understand how to move files around. * Experience with letsencrypt is a plus * Experience with ec2/aws services and dns configurations is a plus


  • Dan Tentler / Viss as Viss
    Dan Tentler is the executive founder and offensive security practice director of The Phobos Group. Dan has an established reputation in the industry for his innovative risk surface discovery projects and numerous speaking engagements. Dan and his team have conducted unique targeted attack simulations for companies in sectors including financial, energy, manufacturing and industrials, and varied platform service providers. Dan routinely appears in the press on new security risks and security industry development.

Similar Presentations: