Back to All Events

Beginner C2 with Sliver


  • secwest.net Vancouver Canada (map)

DOJO Details/Logistics

2 Day DOJO. March 18 - 19 (Monday to Tuesday), 2024.

The following types of attedance are available:

  • In-Person

  • On-Line

Last updated February 19, 2024

 

DOJO Summary:

Learn the ins and outs of using a command-and-controls (C2) for red team operations and learn how threat actors use C2s to gain access to computers and internal networks. During this course, we will create implants with Sliver, learn how to manage a C2 with multiple operators, persist in the target’s environment, pivot to other hosts, and steal valuable credentials. Course material will be accompanied by hands-on labs and a test network to familiarize yourself with the tools and practice the techniques. 

 

DOJO Objectives:

  • Sliver server setup

  • Sliver client setup

  • Working with multiple operators

  • Implant creation (Windows, Linux)

  • Interacting with an implant

  • Creating and leveraging stagers

  • Persistence in operation 

  • Introduction to credential theft

  • Introduction to implant pivoting

  • Android implants

  • Introduction to AV bypass 

 

Course Pre-requisites:

This course is created for a beginner security audience with no former knowledge of red teaming/threat hunting or C2s needed. Beginner to moderator level of Linux and Windows recommended. 

 

Software/Hardware Requirements:

  • A laptop with VMware Workstation/Player

 

About the Instructor: Peter Greko

Peter Greko recently joined the Microsoft AI Red Team but was on the Microsoft corporate red team previously for three years.  Before that, Peter worked several years for NCC Group doing red team operations and application security.  His focus is on AI related security, Risks in AI, and adversarial emulation of both criminal and nation state activities.  With all this experience Peter tends to have a unique viewpoint in adversarial emulation which is reflected in the course material.  He often looks forward to discussions about modern TTPs and motivations behind criminal groups and hostile nation states.  

 

About the Instructor: Kellian Hunt

Kellian Hunt is a security consultant with four years of experience with IOActive and previously NCC Group. Her focus is in web application pentesting, red team operations, and network pentesting. 

 

About the Instructor: Luciano Krigun

Luciano Krigun is Microsoft Corporate Red Team member with experience in AI Red teaming, web and OS pentesting. He has also participated in Red Team Operations. With 5 years of experience in security and 10+ in Service Engineering.

 
 
Previous
Previous
March 18

Attacking and Defending Linux, Kubernetes and Docker

Next
Next
March 18

OPSEC for Investigators and Researchers