Explore advanced malware writing techniques and red team strategies in this 38-minute conference talk from Derbycon 2016. Dive into topics such as CCDC, Empire installation, Impacket SMB Server, BAT and BASH scripting, Powershell Autoruns, Metasploit Binaries, and Windows Password Persistence. Learn about prioritization in red team operations, protocol considerations, and tools like Cobalt Strike, CANVAS, and Innuendo. Gain insights into blue team tactics and discover noise-building techniques using CSC.exe and lexpress.exe. Enhance your understanding of offensive security practices while considering defensive perspectives.
Overview
Syllabus
Intro
meterpreter getuid
What is CCDC?
Win Conditions
Red Team Goals
Install
Empire
Impacket SMB Server
BAT Files/BASH Scripts
Build your own
What are my priorities?
How much?
Powershell Autoruns
Metasploit Binaries
Windows Password Persistence
DeSecurity
What protocol
Cobalt Strike
CANVAS / Innuendo
Mailslot!
What does the blue team do?
Noise building - CSC.exe
Noise building - lexpress.exe
