Doomsday Preppers: Fortifying Your Red Team Infrastructure

Presented at BSides NoVA 2017 and Hack Miami 5 with Steve Borosh (@424f424f).

The sky is falling! Nation state 0days are up for auction, blue teams are hacking back, infrastructure is being pwned. Pandemonium! It’s time to hunker down and strengthen your red team infrastructure. In this talk we’ll discuss tactics for Red Teams to reduce the risk of getting your infrastructure shut down. We cover traffic bending with mod_rewrite, C2 redirection, and counter-recon techniques. Don’t worry, Blues, we provide detection and mitigation methods to protect your bunker, or organization.

Building a Better Moat: Designing an Effective Covert Red Team Attack Infrastructure

Presented at ArcticCon 2017

Red team assessments are distinct from penetration tests in many ways, typically in assessment duration, tradecraft sophistication, and level of active incident response. If the assessment is so different, why would you want to use the same attack infrastructure you’d use on a penetration test? This talk will cover how to design and leverage an effective covert attack infrastructure. I’ll cover practical design considerations, demonstrate covert attack infrastructure concepts, and provide sample attack infrastructures. This talk will not cover the nitty-gritty HOW aspect of infrastructure deployment, focusing instead on the WHAT and WHY aspects.