Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Beaconing Behavior #83

Open
4 tasks
DakotaNelson opened this issue Nov 15, 2015 · 1 comment
Open
4 tasks

Beaconing Behavior #83

DakotaNelson opened this issue Nov 15, 2015 · 1 comment
Milestone
0.2

Comments

@DakotaNelson
Copy link
Owner

We should introduce some parameters and configuration around sneaky-creeper's behavior when it comes to reaching out into the Internet.

TODO:

  • Obey rate limits
  • Enhance rate limit specifications already in the code so that the rate limits can be specified more accurately, whether they're daily, hourly, every 15 minutes, etc.
  • Allow for specifying sleep time between beacons
  • Allow for specifying skew/randomness into beaconing to avoid obvious frequency-domain spikes.

A great example to aspire to a subset of is Cobalt Strike's malleable C2.
@DakotaNelson DakotaNelson modified the milestone: 0.2 Nov 15, 2015
@DakotaNelson DakotaNelson mentioned this issue Nov 15, 2015
Closed
@davinerd
Copy link
Contributor

I'd only say that "sleep time between beacons" and "skew/randomness" should not be enforced by our library but by the 3rd-party tool (in our case, the screep example program), since sneaky-creeper is a library now.

I was thinking to about the rate limits yesterday while working on the other issues. I'll try to take a look.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
0.2
Development

No branches or pull requests
2 participants
@davinerd @DakotaNelson