Abusing Webhooks for Command and Control

Explore a technique for establishing outbound network connectivity using HTTP callbacks (webhooks) in this 25-minute NorthSec conference talk. Learn about webhooks, their organizational uses, and how to leverage approved sites as communication brokers. Discover methods for data transfers, asynchronous command execution, and creating command-and-control communication while bypassing strict defensive proxies and avoiding attribution. Examine a tool that utilizes broker websites to work with external C2 using webhooks. Cover topics including webhook users like GitHub and Octopus, delivery mechanisms, real-time communication, and continuous integration.

Intro
Who uses Webhooks
GitHub
Octopus
Delivery mechanism
Delivery demo
Realtime communication
Continuous integration