Honey I Stole Your C2 Server - A Dive into Attacker Infrastructure
Offered By: YouTube
Course Description
Overview
Dive into a 31-minute conference talk exploring attacker infrastructure and investigative techniques. Learn about typical Mandiant investigations, unusual service installations, Metasploit indicators, and initial attack vectors. Discover insights on command and control, encoding methods, and free domain tools. Explore Windows Server and Linux environments, including ISO and VM setups. Gain knowledge about PostgreSQL databases, including password changes, MSF console usage, and bypassing Metasploit. Examine medical credentials, postcrash tables, and database drops. Analyze Postgres sequels, parsers, and headers to gain valuable attacker insights. Conclude with a Q&A session to deepen understanding of cybersecurity investigation methods.
Syllabus
Intro
Who am I
Honey I Stole
Typical Mandiant investigation
We say goodbye
Weird service installs
Metasploit indicators
Metasploit investigation
Initial attack vector
Command and control
Encoding
Free Domain Tools
Windows Server
Linux ISO
Linux VM
PostgreSQL
VMDK
Change password
MSF console
Bypass metasploit
Medical credentials
Postcrash tables
Previous database drops
Postgres sequel
Postgres parser
Postgres header
Rows
Parser
Attacker Insights
Any questions
Related Courses
Computer Security - Stanford University via Coursera
Cryptography II - Stanford University via Coursera
Malicious Software and its Underground Economy: Two Sides to Every Story - University of London International Programmes via Coursera
Building an Information Risk Management Toolkit - University of Washington via Coursera
Introduction to Cybersecurity - National Cybersecurity Institute at Excelsior College via Canvas Network
