Robert Pimentel
Lead, Offensive Security @ Fortune 40 ; Github: pr0b3r7; Chief Hacker @ Hacker Hermanos
Actions
Robert is a seasoned offensive security professional with more than a decade of experience in Information Security.
He started his career in the U.S. Marine Corps, working on secure telecommunications. Robert holds a master's degree in Cybersecurity, numerous IT certifications, and a background as an instructor at higher education institutions like the New Jersey Institute of Technology and American University.
Robert is committed to sharing his knowledge and experiences for the benefit of others. He enjoys Brazilian steakhouses and cuddling with his pugs while writing Infrastructure as Code to automate Red Team Infrastructure.
Robert is currently serving as a Lead of Offensive Security at a Fortune 50 insurance company.
Links
Area of Expertise
Topics
New Skill Unlocked: C2 Infrastructure Automation
Join us for an immersive workshop that will revolutionize your approach to Command-and-Control (C2) infrastructure deployments. Whether you're a seasoned Red Team operator or just starting your offensive security journey, this workshop is designed to equip you with the tools and knowledge to create scalable, operationally secure C2 infrastructure using the power of automation.
In this hands-on session, we'll demystify the process of deploying and configuring C2 components, such as frameworks, redirectors, and associated compute infrastructure.
You'll learn how to leverage infrastructure as code principles to create consistent, reliable, and secure C2 deployments, all while minimizing the risk of human error.
We'll dive deep into the best practices for designing and implementing C2 infrastructure automation, with a strong emphasis on operational security from the ground up.
Our instructor will guide you through real-world examples and provide you with a solid foundation for building your own secure C2 deployments.
Whether you're looking to enhance your Red Team capabilities or simply want to streamline your offensive security workflows, this workshop is perfect for you.
Join us and unlock the ability to spend less time on 'Sysadmin' tasks and more time focusing on what matters most – attacking and improving your organization's security posture!
No prior experience with C2 infrastructure automation is required.
Our instructor will guide you every step of the way, ensuring that you leave the workshop with the confidence and skills to create secure, automated C2 deployments.
Don't miss this opportunity to take your offensive security skills to the next level. Register now and unlock the power of secure C2 infrastructure automation!
Command, Control, and memes: Cordyceps + ant = zombie
Command-and-Control (C2) channels enable remote control of devices compromised through various means. Some C2s use network protocols to relay messages from the compromised asset to the C2 server. While others blend in with commonly used applications and websites that are not malicious and have legitimate use cases in the target environment, making it even harder to detect (e.g. Discord to relay C2 traffic).
Deploying C2 requires knowledge to set up effectively. Components must be deployed and configured before a campaign can start and target assets are exploited to connect back to the C2 infrastructure to wait for commands and/or send gathered data.
It is not a secret that automation helps reduce the risk of human error on repetitive tasks, helps obtain consistent results and decreases the time necessary to perform a set of steps. It can also be applied to the deployment and configuration of C2 infrastructure components such as frameworks, redirectors, and associated compute infrastructure.
This talk intends to raise awareness on the functioning of what comprises a C2 deployment a Red Team can use during offensive cyber operations, how are its components deployed, configured, and secured as well as how this can all be performed in an automated manner. We’ll cover how an enterprise grade Red Team leverages Infrastructure as code with the goal of improving the security posture of the organization by spending less time doing ‘Sysadmin’ tasks and more time attacking!
Red Team Village at DEFCON 32 Sessionize Event
CactusCon 12 Sessionize Event
Robert Pimentel
Lead, Offensive Security @ Fortune 40 ; Github: pr0b3r7; Chief Hacker @ Hacker Hermanos
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top