99 Reasons Your Perimeter Is Leaking - Evolution of CC
Offered By: YouTube
Course Description
Overview
Syllabus
Intro
Hi, I'm John
Command and Control
Capability
A Brief History of C2
Capabilities Bind Shell - Reverse Shell
Constraints Reverse Shell
Capabilities Shells - IRC
Constraints IRC Channels
Other Protocol Tunneling?
DNS Tunneling
Domain Fronting
Apps / 3rd Party Services
Increasing Red Team Capabilities
Needs - Reliability
Needs - Concealment
Needs - Resilience • Expect messages to be lost, and still operate
Design Decisions
Hyperwave Architecture
Example 1 - Transitivity
Example 2 - Redundancy
Red Team Operational Concerns
C&C Detection Fundamentals
Control Your Attack Surface
Into the App Layer
Ways To Detect...
Unused Services
Process-Traffic Correlation
Unique Domain Activity
Unique URL Path/Params
Headers
Authentication Artifacts
Behavior - API Usage
Behavior - Timing . Our transport polls at X seconds
Payload Patterns
10. General Behavior
Detecting Abuse of: Dropbox
Blue Team Questions
Unit Testing
PC2
Questions?
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube