Tweet
Title: Jake "Hubble" Krasnov, Dylan "CyberStryke" Butler, Kevin “Kent” Clark - Long Live the Empire: A C2 Workshop for Modern Red Teaming
Scheduled Date and Time (Pacific Standard): Friday, August 11, 2023, at 0900 PDT
EventBrite Link: https://www.eventbrite.com/e/jake-hu...=oddtdtcreator
Max Class Size: 80
Abstract:
Command and Control (C2) is a crucial component of modern Red Teams and Advanced Persistent Threats (APTs), enabling persistent connections to target networks and facilitating the spread of control throughout the infrastructure. This comprehensive workshop will provide an in-depth understanding of C2 concepts by utilizing the open-source Empire C2 framework. Participants will gain valuable insights into the deployment, features, and real-world application of C2 in offensive security. Attendees will learn how to leverage the powerful Empire framework to create, customize, and execute advanced attack scenarios, honing their skills as red team operators.
The workshop will cover a range of topics, from setting up Empire, understanding listeners, stagers, and agents, to exploring Empire's modules and evasion techniques. Participants will engage in hands-on exercises, building their proficiency in configuring and deploying Empire servers, interacting with clients, and implementing various listeners and modules. The workshop will culminate in a mini Capture-The-Flag (CTF) challenge, where attendees will apply their newfound knowledge in a cloud-hosted environment provided by the instructors.
Skill Level: Beginner
Prerequisites for students: Basic computer abilities
Materials or Equipment students will need to bring to participate: Laptop with a Kali Linux VM
Bios:
Jake "Hubbl3" Krasnov is the Red Team Operations Lead at BC Security. He has spent the first half of his career as an Astronautical Engineer overseeing rocket modifications for the Air Force. He then moved into offensive security, running operational cyber testing for fighter aircraft and operating on a red team. Hubbl3 has presented at DEF CON, where he taught courses on offensive PowerShell and has been recognized by Microsoft for his discovery of a vulnerability in AMSI. Jake has authored numerous tools, including Invoke-PrintDemon and Invoke-ZeroLogon, and is the co-author of a cybersecurity blog at https://www.bc-security.org/blog/.
Kevin “Kent” Clark is a Security Consultant with TrustedSec and Red Team Instructor with BC Security. His previous work includes Penetration Testing and Red Team Operator, focusing on initial access and active directory exploitation. Kevin contributes to open-source tools such as PowerShell Empire and publishes custom security toolkits such as Badrats and WindowsBinaryReplacements. Kevin authors a cybersecurity blog at https://henpeebin.com/kevin/blog.
Dylan "CyberStryke" Butler is an Offensive Infrastructure Developer at BC Security. He began his career as a software engineer, developing high-performance systems for major tech companies. His passion for cybersecurity led him to specialize in offensive infrastructure development, where he now designs and builds robust frameworks to support red team operations.