Hot Topics
Security Bloggers Network 
SBN

Introducing Slingshot C2 Matrix Edition

by SANS Blog on April 7, 2020
PENTEST_C2_Matrix_Workshop_Header.jpg

The C2 Matrix is a project created by SANS author and instructor Jorge Orchilles along with Bryson Bort and Adam Mashinchi of SCYTHE in order to address a need in the cybersecurity community for finding the correct Command and Control (C2) framework to suite your needs. The goal is to point you to the best C2 framework based on your adversary emulation plan and the target environment.

Slingshot C2 Matrix Edition, created in collaboration with SANS Edu MSISE student Ryan O’Grady, was made to lower the learning curve of installing C2 frameworks, getting you straight to testing which C2s work against your organization. Slingshot C2 Matrix Edition is ideal for red team, blue team, and purple team functions.

Slingshot C2 Matrix Edition brings the following C2s pre-installed:

Slingshot – C2 Matrix Edition also includes a number of other tools that red teamers and penetration testers will find useful such as VECTR for tracking red and purple team exercises.

Getting Started

Download the vmware OVA file here: https://www.sans.org/slingshot-vmware-linux/download

Ensure you have vmware Workstation, Player, or Fusion so that it can be imported. Double clicking it and clicking import should do the trick:

import-vm.png
Import the OVA file

The default network device is configured as NAT for your own safety. You may want to change this to bridged to be on your local LAN.

FAQ

What is the username and password of Slingshot? Username: slingshot Password: slingshot

Why is the image so big? The various Command and Control frameworks bring a number of dependencies. As we wanted this to be a standalone image, we have pre-downloaded and installed them for you.

What is the SHA256 sum:
e8f3aa841a5244c0419cab7006486be6bdd7c001282833e1fbd1e9698f80069e

For more information visit The C2 Matrix How To and select the Slingshot C2 Matrix Edition page.

Follow on Twitter: @C2Matrix@JorgeOrchilles#C2Matrix


Recent Articles By Author
More from SANS Blog

*** This is a Security Bloggers Network syndicated blog from SANS Blog authored by SANS Blog. Read the original post at: http://feedproxy.google.com/~r/SANSForensics/~3/Hbo0daB_eXw/introducing-slingshot-c2-matrix-edition

SANS Blog