2024-08-07, Florentine E
"Rolling out the C2: Red Team Infrastructure in 2024" will explore the intricacies of establishing a robust Command and Control (C2) infrastructure in an Azure Cloud environment. The presentation will guide attendees through deploying a Tailscale overlay VPN with the open-source Headscale control server, and through using a GitLab code repository for version control and secure storage of the malicious zero-day code developed by the team's secdev engineers. The talk will also demonstrate setting up traffic redirectors using Nginx Proxy Manager, and securing systems and networks using CIS-benchmarked Operating Systems (OSes) and Azure Network Security Group (NSG) rules. Additionally, it will cover implementing rootless Docker containerization and configuring reverse shell handlers for Metasploit and Cobalt Strike. By the end of the session, participants will gain a comprehensive understanding of building a resilient C2 infrastructure for red team operations in 2024.
"Rolling out the C2: Red Team Infrastructure in 2024" will take attendees on a deep dive into the deployment of a cutting-edge Command and Control (C2) infrastructure in an Azure Cloud environment. This session will be led by George Polivka and Aarav Balsu, seasoned experts in cybersecurity and red team operations.
The talk will begin with an overview of the architecture, highlighting the use of a Tailscale overlay VPN with the open-source Headscale control server for secure communication between nodes. Attendees will learn how to leverage a GitLab code repository not only for version control but also for the secure storage of the malicious zero-day code developed by the team's secdev engineers.
Moving forward, the presentation will cover the setup of traffic redirectors using Nginx Proxy Manager, ensuring efficient and secure routing of network traffic. The speakers will then delve into the critical aspect of securing systems and networks, detailing the implementation of CIS-benchmarked Operating Systems (OSes) and Azure Network Security Group (NSG) rules.
Attendees will also gain insights into the use of rootless Docker containerization for enhanced security and flexibility in deploying applications. The speakers will demonstrate how to configure reverse shell handlers for Metasploit and Cobalt Strike, enabling red team operators to maintain access and control over compromised systems.
Throughout the session, George and Aarav will share their practical experiences and best practices for building and maintaining a resilient C2 infrastructure. Live demonstrations and real-world examples will be used to illustrate key concepts, providing attendees with actionable insights that they can apply in their own cybersecurity operations.
By the end of the presentation, participants will have a comprehensive understanding of the tools, techniques, and strategies required to establish a robust and secure C2 infrastructure in an Azure Cloud environment, making them better equipped to defend against cyber threats in 2024 and beyond.
George Polivka has been a tech enthusiast for over two decades. With a knack for software development, architectural design, and enterprise auditing, he's now on the front lines securing network borders as a Red Teamer. George boasts a collection of tech certifications, from the foundational A+ Technician to the prestigious OSCP. When he's not busy fortifying networks, you can find George immersed in cybersecurity challenges on Hack the Box, honing his skills and uncovering new tricks of the trade. Lately, he's been delving into cutting-edge research on deploying infrastructure and tooling to empower red team operators, making networks tremble.
Aarav is a red team engineer at Costco Wholesale. In his free time, he enjoys reading, long meandering hikes in the beautiful Pacific Northwest, and swimming!