TTP Emulation in 2024 - Ethan Pike & Leon Jacobs | 0xCON 2024 скачать в хорошем качестве

TTP Emulation in 2024 - Ethan Pike & Leon Jacobs | 0xCON 2024

abstract Have you ever wondered how APTs such as the North Korean Lazarus group [0] develop their malware? How exactly do they work, and what does it take to build their capabilities? In this talk, we’ll dive into how we recreated some of the Lazarus payloads, emulating their tactics and techniques in a unique purple team engagement. detail This talk will walk through the process of researching and developing custom payloads and tools emulating the Lazarus group, including how AI/LLMs assisted (everything is written in C/C++ after all). We'll have code snippets, demos, and plenty of technical information, including a custom C2 written for the job. Finally, we will close off with some of the struggles we encountered working as a team, from managing code repositories to doing silly things like rewriting our communications protocol. This talk will appeal to offensive security enthusiasts and those interested in understanding the potential role AI could play in the development of malware and other security tools. In addition, if you're interested in purple teaming, this one is for you! notes for reviewers This talk will be delivered by two people: Ethan Pike Leon Jacobs [0] https://en.wikipedia.org/wiki/Lazarus...