Command and Control with Covenant

Covenant C2 command and control uses just-in-time, in-memory, .NET compilation, and dynamic profiles to fool defensive detections. Skill up your red team techniques by leveraging the next generation of adversary command and control capabilities.
Course info
Rating
(13)
Level
Intermediate
Updated
Dec 31, 2019
Duration
19m
Table of contents
Description
Course info
Rating
(13)
Level
Intermediate
Updated
Dec 31, 2019
Duration
19m
Description

Testing systems against advanced adversary techniques is required not just for red team operations but for targeted testing of defensive and detective measures on a network. Growing the skills to emulate the steadily advancing adversary capabilities within your team is a moving target that is complicated by the multitude of attack techniques available. In this course, Command, and Control with Covenant, you will gain the ability to leverage the advanced .NET, in-memory compilation techniques used by the open-source Covenant project to emulate adversary communication within an environment. First, you will learn to install the command and control infrastructure used to control compromised systems. Next, you will explore how to create and install implants called grunts to connect back to the adversary server. Finally, you will explore how to run tasks, gather information, and spread laterally within the Covenant C2 framework. When you are finished with this course, you will have the skills and knowledge of the Covenant command and control framework needed to emulate post-exploitation techniques aligned with Mitre ATT&CK.

About the author
About the author

Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation.

More from the author
OS Analysis with HELK
Intermediate
29m
Jul 21, 2020
More courses by Aaron Rosenmund
Section Introduction Transcripts
Section Introduction Transcripts

Tool Introduction
Welcome to Pluralsight and this cybersecurity tools course featuring Covenant, the open source command and control tool developed and maintained by Ryan Cobb. As a Red Team Operator, you've had a great run with tools like Meterpreter and PS Empire, but with prolific adoption of more advanced endpoint detection response tools, you have to look for new ways to maintain your foothold in compromised systems. .NET compilation on the target systems in‑memory is showing promise as a stable and stealthy technique, and Covenant is the C2 platform built to capitalize on that capability. Staying true to the lore of Halo's organized alien hierarchy, you and your team can collaborate on this weaponized platform to create implants called grunts and deploy, manage, and spread them across compromised networks, taking various blood purging actions as you see fit along the way. Whether you're ready to integrate a new command and control capability into your red team operations or just looking to test your network defenses against the latest adversarial techniques, join me to learn tips and tricks for installation and general operation of Covenant, today.