Development and operations a practical guide



1 Joe Vest, James Tubberville Red Team Development and Operations
2019, Year of the C2
In and around the year 2019, the number of C2 frameworks grew tremendously. Dozens of C2 frameworks were released or seriously updated. This increase gave Red Teams new options: new protocols, more cross-platform support, and new operator interfaces.
Cobalt Strike [18]

Commercial software from Strategic Cyber, LLC.

Command and Control payload is known as a beacon

An earlier project, Armitage, is a free tool by Raphael Mudge. It is often confused with the free version of Cobalt Strike but has a very different code base

Described as “Cobalt Strike is software for Adversary Simulations and Red Team Operations.”

Supports both asynchronous and synchronous C2 communication
Empire [19]

Open source software

Command and Control payload is known as an agent

Described as “Empire is a pure PowerShell post-exploitation agent built on cryptologically-secure communications and a flexible architecture.”

Supports both asynchronous and synchronous C2 communication

Officially retired as a project in 2019

Tweet announcing the retirement of Empire
Metasploit

Open source and commercial software maintained by Rapid7

Highly capable penetration testing and exploitation framework with some Red Team post-exploitation support

Command and Control payload is known as Meterpreter

Communication is generally synchronous
Other C2
Cobalt Strike, Empire, and Metasploit are simply three C2 examples, selected because they are commonly known and widely used. In 2018 and 2019, numerous tools and frameworks for command and control were announced and released. This trend will likely continue in future years. If building a C2 framework isn’t possible given the team’s time or budget, the authors recommend a simple search for potential frameworks, testing each, and selecting the framework(s) that best meet the need for the current effort.
