Adversary Emulation w/ Carlos Perez - PSW #789
Security Weekly Podcast Network (Audio)
00:00
The Importance of Blending In
Code words also kind of serve as beacons. If you hear people talking, referencing a C2 piece of software with your code name, then you know it's been burned. So thankfully, when we look at the strings of all of our different tools, there's pretty nothing there. We do take a approach to how we design our implants. Typically we have what we call a scout, an initial payload that goes in that has very basic functionality. The more API's, the more stuff we put into that initial scout, the morestuff is going to look off and stand out.
Play episode from 16:26
Transcript
