Jakob Friedl
Jakob is a penetration tester and security professional from Austria. He is particularly passionate about offensive security, including network penetration testing and Windows malware development. By day he works in an internal penetration testing team, conducting and leading engagements, while at night he mostly works on Conquest, a malleable and modular C2 framework written in Nim.
Sessions
Using Beacon Object Files (BOFs) to execute external post-exploitation capabilities from a C2 agent has been a staple technique in offensive security for years. These self-contained programs are great for one-off tasks, such as gaining situational awareness, elevating privileges or dumping credentials. Recently, BOFs have received a powerful upgrade that allows them to be executed in the background, enabling long-running real-time monitoring functionality. This talk shows how the Conquest framework supports Async BOFs and how they can benefit modern red teaming.