Mar 18, 2019

Shout-out to Thomas…

    Tried to meetup while at SEA comic-con



Hacker’s Health - Ms. Roddie is at TROOPERS (Ms. Berlin?)

4 podcasts?

SpecterOps Training / workshopCon  -

Zach Ruble- @sendrublez

C2 infra using Public WebApps

TARCE - Teaching Assistant RCE(?) - they run your code every week, don’t check for backdoors before running it...

C2 Basics

    Local HTTPd server (bashfile)

    Python scrapes web server

3 components


-Communication channels

-Malware and client


3 Requirements of a C2

-victim receives commands

-Vic executes

-Send results back

Web server serving a static file

Malware on machine scraping site with python requests and executing it as commands.

Crontab @reboot


State change = change the text field


Long haul/short haul server

Long haul - regain persistence

Short haul - sends commands to victims


Slack as C2 - blends into the environment

    Send and receive messages

    Using Real Time Messaging API



Reddit as a C2

    “Reddit Rising”

    Serverless platform


Using Google search results as

    Would Google Algos see odd behavior of hundreds of hosts searching for the same thing?

Log file analysis?

    How can we protect against this?
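
One starting point for the log-analysis question, as an added example (not from the episode or the guest's tooling): flag any client that polls the same URL at near-constant intervals, which is the traffic pattern of a host repeatedly scraping a static page. The log format, hostnames, thresholds and the `find_beacons` name are all assumptions, and the sample lines are constructed.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed proxy-log lines: timestamp, client IP, URL, User-Agent.
SAMPLE_LOG = """\
2019-03-18T10:00:00 10.0.0.5 https://paste.example/raw/abc python-requests/2.21.0
2019-03-18T10:01:10 10.0.0.9 https://news.example/ Mozilla/5.0
2019-03-18T10:02:30 10.0.0.9 https://news.example/ Mozilla/5.0
2019-03-18T10:05:01 10.0.0.5 https://paste.example/raw/abc python-requests/2.21.0
2019-03-18T10:10:00 10.0.0.5 https://paste.example/raw/abc python-requests/2.21.0
2019-03-18T10:14:59 10.0.0.5 https://paste.example/raw/abc python-requests/2.21.0
2019-03-18T10:20:00 10.0.0.5 https://paste.example/raw/abc python-requests/2.21.0
2019-03-18T10:25:02 10.0.0.5 https://paste.example/raw/abc python-requests/2.21.0
2019-03-18T10:40:00 10.0.0.9 https://news.example/ Mozilla/5.0
2019-03-18T11:15:45 10.0.0.9 https://news.example/ Mozilla/5.0
2019-03-18T13:00:00 10.0.0.9 https://news.example/ Mozilla/5.0
"""

SCRIPT_AGENTS = ("python-requests", "curl", "wget")  # non-browser clients (assumed list)


def find_beacons(log_text, min_hits=5, max_cv=0.1):
    """Flag (client, URL) pairs requested at near-constant intervals."""
    hits = defaultdict(list)
    agents = {}
    for line in log_text.splitlines():
        parts = line.split(maxsplit=3)
        if len(parts) != 4:
            continue  # skip malformed lines
        ts, client, url, agent = parts
        hits[(client, url)].append(datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S"))
        agents[(client, url)] = agent
    findings = []
    for key, times in hits.items():
        if len(times) < min_hits:
            continue  # too few requests to judge timing
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg == 0 or pstdev(gaps) / avg > max_cv:
            continue  # irregular gaps (high coefficient of variation)
        scripted = agents[key].lower().startswith(SCRIPT_AGENTS)
        findings.append({"client": key[0], "url": key[1], "period_s": round(avg),
                         "hits": len(times), "scripted_agent": scripted})
    return findings


print(find_beacons(SAMPLE_LOG))
```

Legitimate software (update checkers, monitoring agents) also polls on a timer, so treat hits as leads to review against an allow-list rather than as verdicts.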

C2 News (If we go short) :

Automating OSINT


Check out our Store on Teepub!

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email


Support Brakeing Down Security Podcast by using our #Paypal OR our #Patreon

#Twitter@brakesec @boettcherpwned @bryanbrake @infosystir
