Texas Cyber Summit II

Larry will walk you thorugh the technical details of building nimble Red Team infrastructure that
leverages cloud native orchestration frameworks such as Kubernetes and service meshes
such as Istio. Special attention will be paid to containerizing and developing deployment
artifacts in Helm for popular C2 frameworks. Automated Kubernetes cluster deployment will be covered for AWS, Google Cloud, and Azure. Details will be given on configuring the Envoy proxy as a redirector and filter in order to obfuscate the infrastructure from unwanted probing by defenders. Techniques for real time monitoring of implant communication will be addressed. The talk will also review the recipes currently available in the Kubered framework (https://github.com/cloudc2/kubred) and other resources helpful for cloud native Red Team operations.