DEF CON 27 Red Team Offensive Village – Alvaro Folgado – SiestaTime Automation fr Long term implants
https://www.ispeech.org
Red Team operations require substantial efforts to both create implants and a resilient C2 infrastructure. SiestaTime aims to merge these ideas into a tool with an easy-to-use GUI, which facilitates implant and infrastructure automation. SiestaTime allows operators to provide registrar, SaaS and VPS credentials in order to deploy a resilient and ready to use Red Team infrastructure in less than five minutes. The generated implants will blend-in as legitimate traffic by communicating to the infrastructure using SaaS channels (e.g. GMail, Twitter). Use your VPS/Domains battery to deploy staging servers and inject your favorite shellcode for interactive sessions, clone sites and hide your implants ready to be downloaded, deploy more redirectors if they get busted‚ SiestaTime is built entirely in Golang, with the ability to generate Implants for multiple platforms, interact with different OS resources, and perform efficient C2 communications. Terraform will help to deploy/destroy different Infrastructure.
About Alvaro Folgado: Rebujacker works as a Product Security Engineer at Salesforce. He has multiple years of experience performing penetration tests, security assessment against different technologies, building automation tools for this purpose and performing application level researches. In the recent years his field of study has been focused into red teaming and automation. The combination of his application level and offensive security knowledge leads him to build better and stealthier implants that blends-in with nowadays cloud infrastructure and application stack of targeted organizations. Twitter: @rebujacker
video, sharing, camera phone, video phone, free, upload
2019-12-13 04:38:11
source
Gloss