Conti TTPs using Atomic Red Team and Detection Lab & C2 Infrastructure Hunting

Michael Koczwara

7 min readAug 26, 2021

--

Agenda

Conti C2 Infrastructure Analysis (Cobalt Strike and Metasploit).
Conti TTPs in Assumed Breach Scenario.
Adversary Emulation (Conti TTPs) using Atomic Red Team and Detection Lab (T1033.001: Credential Dumping: LSASS Memory).
Summary and things to…

Michael Koczwara

Written by Michael Koczwara

Security Researcher

Recommended from Medium

Michael Koczwara

Adversaries Infrastructure-Ransomware Groups, APTs, and Red Teams

What you can learn from scanning adversaries' infra?

4 min readDec 30, 2022

--

Michael Koczwara

Sliver C2 Implant Analysis

Sliver C2 Implant Analysis

8 min readJan 12

--

Lists

Staff Picks

327 stories82 saves

Stories to Help You Level-Up at Work

19 stories53 saves

Self-Improvement 101

20 stories105 saves

Productivity 101

20 stories113 saves

Invictus Incident Response

Email Forwarding Rules in Microsoft 365

The ultimate guide to analysing and understanding email forwarding rules in the Unified Audit Log (UAL)

8 min readFeb 20

--

Adam Goss

The Holy Bible of Threat Intelligence

Let’s explore the MITRE ATT&CK framework and find out why it’s the number #1 tool for any cyber threat intelligence analyst!

9 min readFeb 20

--

Antivirus vs EDR vs XDR © 2022 leeshanok

Richard de Vries
in
Tales from a Security Professional

Is EDR with Sysmon enough? Or do you need XDR as well?

Although the difference is just one letter, the level of protection is a different story…

3 min readJan 29

--

Abdullahi Ali

A Simple Elastic SIEM Lab

In this guide, I’ll walk you through steps on how to set up a home lab for Elastic Stack Security Information and Event Management (SIEM)…

10 min readMay 12

--

See more recommendations

Help
Status
Writers
Blog
Careers
Privacy
Terms
About
Text to speech