Kraken, a modular multi-language webshell for defense evasion
Saturday August 12, 12:00 – 13:55, Society Boardroom, Forum
Raul Caro
Kraken is a modular multi-language webshell focused on web post-exploitation and defense evasion. It supports three technologies (PHP, JSP and ASPX) and its core is developed in Python. Kraken follows the principle of "avoiding command execution" by re-implementing it through the functionalities of the programming language in use. Kraken seeks to provide usability, scalability and improve the OPSEC of ongoing operations.
Raul Caro Teixido (OSCP, CRTE) is an Offensive Security Engineer at Telefonica Tech. He is the co-author of Mistica (your friendly data smuggler) presented in BlackHat Arsenal USA 2020, and the creator of Kraken (a modular multi-language webshell).
Audience - offensive (red team) and defensive (blue team and threat hunting) profiles
Saturday August 12, 12:00 – 13:55, Society Boardroom, Forum
Raul Caro
Kraken is a modular multi-language webshell focused on web post-exploitation and defense evasion. It supports three technologies (PHP, JSP and ASPX) and its core is developed in Python. Kraken follows the principle of "avoiding command execution" by re-implementing it through the functionalities of the programming language in use. Kraken seeks to provide usability, scalability and improve the OPSEC of ongoing operations.
Raul Caro Teixido (OSCP, CRTE) is an Offensive Security Engineer at Telefonica Tech. He is the co-author of Mistica (your friendly data smuggler) presented in BlackHat Arsenal USA 2020, and the creator of Kraken (a modular multi-language webshell).
Audience - offensive (red team) and defensive (blue team and threat hunting) profiles
Comment