C2Centipede - APT Level C2 Communications for Common Reverse HTTP Shell Tools

Explore advanced malware techniques and network evasion strategies in this conference talk from Ekoparty 2021's Red Zone Space. Dive into C2Centipede, a proxy tool designed to enhance the stealth capabilities of common HTTP reverse shell tools like Metasploit and Empire. Learn how adversaries improve malware resilience and network evasion through techniques such as Fast Flux networks, Domain Generation Algorithms, and Domain Fronting. Discover how C2Centipede dynamically modifies trojan C2 communication routing and beaconing strategies to evade blue team detection methods. Gain insights from Jose Garduño, a senior security consultant at Dreamlab Technologies, as he shares his expertise in security audits, pentesting, and red teaming engagements.

C2Centipede: APT level C2... ▪ Jose Garduño ▪ Ekoparty 2021: Red Zone Space