BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: TheAllCommander\n   When: Friday\, Aug 12\, 10:00 - 
 11:55 PDT\n   Where: Caesars Forum - Accord Boardroom (Demo Labs) - [1]Map
 \n\n   SpeakerBio:Matthew Handy\n   Matt Handy completed his BS in Compute
 r Science at the University of\n   Maryland\, College Park (UMD) in 2010\,
  and MS in CyberSecurity at Johns\n   Hopkins in 2014. He has worked for N
 ASA's Goddard Space Flight Center\n   doing satellite ground systems devel
 opment since 2009. He has\n   specialized in secure software systems devel
 opment and has helped to\n   develop several missions over the course of h
 is career. In his off\n   time\, he enjoys doing independent security rese
 arch and creating tools\n   like TheAllCommander to help make a more secur
 e cyber world.\n\n   Description:\n   TheAllCommander is an open-source to
 ol which offers red teams and blue\n   teams a framework to rapidly protot
 ype and model malware\n   communications\, as well as associated client-si
 de indicators of\n   compromise. The framework provides a structured\, doc
 umented\, and\n   object-oriented API for both the client and server\, all
 owing anyone to\n   quickly implement a novel communications protocol betw
 een a simulated\n   malware daemon and its command and control server. For
  Blue Teamers\,\n   this allows rapid modeling of emerging threats and com
 prehensive\n   testing in a controlled manner to develop reliable detectio
 n models.\n   For Red Teamers\, this framework allows rapid iteration and 
 development\n   of new protocols and communications schemes with an easy-t
 o-use Python\n   interface. The framework has many tools or techniques use
 d by red\n   teams built in\, such as a SOCKS5 proxy\, which then use the 
 implemented\n   communication scheme. This allows comprehensive testing of
  the\n   detection and functional capability of the communication scheme\,
 \n   allowing for efficient design and development choices to be made\n   
 before committing to production tool development. To facilitate this\n   g
 oal\, TheAllCommander includes a Java-based command and control server\n  
  with a simple API to allow new plug-ins for server-side control. There\n 
    is a Python-based emulation client\, which can be easily extended using\
 n   the API to allow new client side communications code. Several\n   refe
 rence implementations for covert malware communication are\n   provided to
  allow out-of-the-box modeling\, including emulated client\n   browser HTT
 PS traffic\, DNS queries\, and email traffic. The tool chain\n   includes 
 support for several common Red Team tactics\, such as Remote\n   Desktop t
 unneling and FODHelper UAC bypass. This implementation\n   effectively gen
 erates both client side and network traffic indicators\n   of compromise.\
 n\n   Audience: Offense\, Defense\n\n   '\n\n   1. https://defcon.outel.or
 g/consolidated_page.html#CaesarsSummitBR\n\n\n
DTEND:20220812T185500Z
DTSTART:20220812T170000Z
LOCATION:DL - Caesars Forum - Accord Boardroom (Demo Labs)
SUMMARY:TheAllCommander
END:VEVENT
END:VCALENDAR
