TS Episode09

From Security Weekly Wiki

Tradecraft Security Weekly - Episode 09

Host

  • Beau Bullock, @dafthack, Penetration Tester at Black Hills Information Security
  • Episode Audio

    Coming Soon

    Recorded July 06, 2017

    Command & Control 101: Transports

    After an attacker succeeds in getting a payload onto a system and getting it to run, they still have to worry about whether it can make a successful connection out to a command and control server. A number of different transport mechanisms can be used, including direct TCP connections, pivoting through a proxy, DNS, or even ICMP, to name a few. In this episode of Tradecraft Security Weekly, Beau Bullock (@dafthack) details some of the transports that can be used to establish remote command and control over a system.

    LINKS:

      • Dnscat - https://github.com/iagox86/dnscat2
      • Gcat - https://github.com/byt3bl33d3r/gcat
      • PowerShellICMP - https://github.com/samratashok/nishan...
      • icmpsh - https://github.com/inquisb/icmpsh
      • Week of PowerShell Shells - http://www.labofapenetrationtester.co...