Typically, the activities of a malware attack occur on an execution timeline that generally consists of 3 segments—the vector, the stage, and the persistence. First, a vector, or method of exploitation is identified. This could be anything from logging in over a credentialed method like RDP or SSH and running a malicious payload directly, to exploiting a memory corruption vulnerability remotely. Second, that access is leveraged into running malicious code that prepares the victim for the deployment of persistence (commonly "implant"). While segments one and three have been extensively automated, a effective automated utility for deploying persistence in a dynamic and unified context has yet to present itself.
Enter the Genesis Scripting Engine.
Multiple demos involving practical application scenarios will be presented, as well as an opportunity for audience members to submit their own implants and have them built into a hydra on stage in a matter of minutes.
- Alex Levinson, Senior Security Engineer
- Dan Borges, Hacker
Alex Levinson is a Senior Security Engineer at Uber with experience in red teaming, software engineering, and incident response. Outside of Uber, he is a core member of the red team for the National Collegiate Cyber Defense Competition (CCDC), as well as the Competition Director for the Collegiate Penetration Testing Competition (CPTC). Previously, Alex worked as a Senior Consultant and Development Manager at Lares Consulting.
@alexlevinson, github.com/gen0cide, alexlevinson.wordpress.com
Dan Borges is an information security professional with over 15 years in computer science. Dan participates in a number of cyber security competitions each year, from being on the National CCDC Red Team, to leading a Blue Team in Pros Versus Joes, and helping run the Collegiate Penetration Testing Competition (CPTC). He has been publishing a blog on infosec education for more than 10 years.