My thoughts about C2 and the tests @C2_MATRIX @metasploit @c2_matrix #Covenant @BYT3BL33D3R @BHinfoSecurity #PENTEST #PENTESTING #REDTEAM #INFOSEC #autossh #ssh

Hi, this will be a short one. But I must put down in words what my thoughts are about the C2 tests that I have been doing for some time now. Not so hard to set up and get it running. If you want to play around there are some really good blog post out there to get you up and running.

Go back in the blogg and you will find the tests that I have been doing.

I really wanted to try out Cobalt Strike but when I was in contact with them It became to much money. I do this on my free time and do not have the funds to buy stuff to try out.

In my tests I really liked SILENTTRINTY and Covenant, easy to implement and get it up and running.

Obfuscation of payloads and evading AV is hard. I think, but I have not decided yet that evading AV is my next posting.

To get started and burn some really nice hours please go to.
https://www.blackhillsinfosec.com/blog/webcasts/

Rogers 10 commandments words

  1. Use any AV on your desktop. Defender is really god to stop bad things
  2. Do NOT be Administrator on you local machine
  3. Implement LAPS (if it is possible)
  4. Tell your IT guy/girl if you see something suspisious or if you press the wrong link. (it’s not embarrassing)
  5. Do some “lite” IT-Security traning. There is a lot of free stuff out there. It is about to get security in our mind. I know it is not fun but it is neccessary. (See above link)
  6. Updating your OS and Application often!
  7. Use password managers. there is alot of freeware if you do not wanna pay
  8. Implement MFA on everything.
  9. Backup, Backup and Backup
  10. Have fun! Life is to short

That was all from me this time!

Keep Hacking!

//Roger

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.