A video summary by Faan Rossouw of the Malware of the Day post "Tunneling Havoc C2 with Microsoft Dev Tunnels".
🔗 Blog post located here:
https://www.activecountermeasures.com...
🔗 AC-Hunter:
https://www.activecountermeasures.com...
🔗 AC-Hunter Community Edition:
https://www.activecountermeasures.com...
🔗 RITA on GitHub:
https://github.com/activecm/rita
Timeline:
00:06 - Background
00:44 - Understanding MS Dev Tunnels' Role in Compromises
02:53 - Tunneling Egress C2 Traffic using a Half-tunnel
03:35 - Tunneling Egress C2 Traffic using a Full tunnel
04:04 - Tunneling Ingress Traffic using a Full tunnel
04:46 - Scenario and Setup
07:12 - RITA
07:55 - Zeek
10:11 - AC-Hunter
11:30 - System Informer
14:26 - Conclusion