Tight network restrictions might hinder the ability to establish a C2 communication channel. To overcome these limitations an offensive security analyst will rely on abusing other legitimate protocols. In this course, Exfiltration with Dnscat2, you’ll cover how to utilize Dnscat2 for data exfiltration in a red team environment. First, you’ll set up an alternative C2 channel. Next, you’ll bypass network restrictions. Finally, you’ll simulate a data exfiltration attack. When you’re finished with this course, you’ll have the skills and knowledge to execute these techniques T1048, T1022, and T1071 using Dnscat2.
Cristian is a Information Security Professional with experience in supply chain, manufacturing, gaming, and
entertainment sectors for Fortune 500 companies. He has provided expertise in incident response cases by
performing forensic investigations, malware analysis, and elaborating mitigation plans against
complex cyber attacks.
Course Overview Welcome to Pluralsight and this Read Team tools course featuring dnscat2, the open‑source DNS tunneling tool developed and maintained by Ron Bowes. As the Red Team operator, you may have come across scenarios in which access from the compromised systems to your C2 infrastructure becomes restricted. This is where dnscat2 comes into play, enabling you to set up a command and control channel over an encrypted DNS tunnel between a compromised machine and an authoritative DNS server that is under your control. Using dnscat2, you will be able to bypass firewalls by traversing the DNS hierarchy. The principle behind dnscat2 is quite simple. It takes advantage of legitimate use of name resolution, which is allowed outbound in order for systems to actually reach the internet. Whether you're looking to enhance your capabilities during Red Team operations or just to test your environment's defenses against complex adversarial techniques, join me as we'll set up dnscat2 on an authoritative domain to exflitrate data from a target system.