[Dailydave] Tactical OPSEC in INNUENDO
Dave Aitel
dave.aitel at gmail.com
Wed Feb 15 11:33:39 EST 2017
https://vimeo.com/200421115
If you have ten minutes in some line at RSAC, and you want to see a great
video, then click that link above. :)
The summary is this: You only want your implant to use the web for C2 when
there are people using the web! No implant should be going out over HTTPS
when everyone in the office is at home watching Desperate Housewives of
Pyongyang!
One mantra we have when building INNUENDO is that OPSEC is often much
easier to say than to code, and the goal of the INNUENDO API is to make
that gap as small as possible. You get to see just how little code we had
to write to do this simple version in the video, so it's well worth your
time, I hope! :)
-dave
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20170215/6d5e94a8/attachment.html>
More information about the Dailydave
mailing list