A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


kubered - Recipes for C2 Operations on Kubernetes - Larry Suto, Jeff Holden Derbycon 2019 (Hacking Illustrated Series InfoSec Tutorial Videos)

kubered - Recipes for C2 Operations on Kubernetes
Larry Suto, Jeff Holden
Derbycon 2019

This talk explores deploying and dynamically generating C2 services on Kubernetes! Everything will be extremely practical with walkthroughs of detailed deployment configurations. Building containers for popular C2 platforms, such as Cobalt Strike, and many others, will be covered. Rapidly deploying complex C2 infrastructure using tools such as Kops and Drone and managing DNS and TLS using Kubernetes will be discussed. Attendees will learn how to build complex redirecting logic to sandbag defenders, using the rewriting and filtering capabilities found in the Nginx Ingress Controller, Open Policy Agent (OPA) and the Istio Service Mesh. In addition, monitoring the health of implants using Prometheus will be reviewed.At the end, a GitHub will be released with resource files and Helm charts.

Larry Suto is an independent security consultant based out of Oakland, CA. He spends a lot of time researching using cloud infrastructure for all types of security testing. He spends some time on Windows security as well. Jeff Holden works for a large college system as an Information Security Manager/jack of all trades. His favorite part of the job though is in the penetration testing of the colleges in the system. He also contributes to open source projects and releases his own code.

@larrysuto, @jeffh

Back to Derbycon 2019 video list

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast