In this video, learn how an implant will use beaconing for command and control.
- [Instructor] One of the common forms of data exfiltrated…by a malicious implant is a beacon.…A beacon is a small and usually innocuous connection…or piece of data leaving…the inside of a network at regular intervals.…When this is being used for legitimate purposes…such as indicating that a host is still alive,…it's called a heartbeat.…When it's being used to tell a command and control system…that the implant is active, it's a beacon.…Beacons may be used just to indicate the existence…of an implant to a command and control center…or they may be used to trigger a next change in order…to get tasking from the command and control server.…
Simple beacons will have a regular schedule…of calling home but more sophisticated beacons…may vary their schedule so as not to be predictable.…This enhances their chances of evading detection.…Beacons can use any protocol, for example in ICMP packets.…However, the more common form of beacon uses HTTP…or HTTPS as this is the most likely form of traffic…to be allowed through firewalls.…
- How tunneling works
- Running a local SSH tunnel
- Dynamic SSH tunneling
- Pivoting with Armitage and Metaspoit
- Exfiltrating using DET and DNS
- Covert exfiltration with Cachetalk
- Using PyExfil to exfiltrate over HTTPS
Skill Level Advanced
Ethical Hacking: Penetration Testingwith Lisa Bock1h 20m Intermediate
Penetration Testing Essential Trainingwith Malcolm Shore2h 29m Intermediate
Penetration Testing: Advanced Kali Linuxwith Malcolm Shore2h 22m Intermediate
1. Preparing the Lab
Next steps1m 38s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.