Carrie Roberts //* SSHazam is a method of running any C2 tool of your choice inside a standard SSH tunnel to avoid network detections. The examples here involve running PowerShell [β¦]
The post SSHazam: Hide Your C2 Inside of SSH appeared first on Black Hills Information Security, Inc..
Darin Roberts // In previous blogs, I have shown how to get various C2 sessions.Β In this blog, I will be showing how to do C2 over ICMP. First, what [β¦]
The post How To: C2 Over ICMP appeared first on Black Hills Information Security, Inc..
Craig Vincent// This all started with a conversation I was having with a few other BHIS testers. At the time, I was testing a web application that used WebSockets. The [β¦]
The post Command and Control with WebSockets WSC2 appeared first on Black Hills Information Security, Inc..
Special guest Lee Kagan from RedBlack Security talks about his script, his previous guest posts and the future of C2 with Beau Bullock and Sierra. Check out these links: How [β¦]
The post PODCAST: Lee Kagan & Beau Bullock talk C2 appeared first on Black Hills Information Security, Inc..
Darin Roberts// If you have been in the security field for any length of time at all you have heard the term C2. Β You might have heard it also called [β¦]
The post C2, C3, Whatever It Takes appeared first on Black Hills Information Security, Inc..
Lee Kagan* // Expanding upon the previous post in this series, I decided to rewrite C2K (find it here) to change its behavior and options for the user. In this [β¦]
The post How to Build a Command & Control Infrastructure with Digital Ocean: C2K Revamped appeared first on Black Hills Information Security, Inc..
John Strand // In this webcast, we walk through different tools to establish and test your Command and Control (C2) detection capabilities. Why does this matter? Almost all organizations we [β¦]
The post WEBCAST: Two Covert C2 Channels appeared first on Black Hills Information Security, Inc..
Login