Episode 37 – Bring Your Own Land with Nathan Kirk




Purple Squad Security show

Summary: “Living off the land” is a term well understood by both offensive and defensive teams. For offensive teams, it means using the technologies already present on the system, such as PowerShell, Python, and even Perl for those who like a challenge (or are facing an older Unix system). On the defensive side, enhanced logging and locked-down configurations are put in place to detect and prevent the use of these tools by malicious actors, either catching these actors or preventing them from doing harm. Nathan Kirk (@sekirkity) joins me this week to talk about the concept behind “Bring Your Own Land”.

Some links of interest:

BYOL Article – https://www.fireeye.com/blog/threat-research/2018/06/bring-your-own-land-novel-red-teaming-technique.html
SpecterOps – https://specterops.io/
Ghostpack – https://www.harmj0y.net/blog/redteaming/ghostpack/
SharpView – https://github.com/tevora-threat/SharpView
Nathan’s Twitter – https://twitter.com/sekirkity

Want to reach out to the show? There are a few ways to get in touch!

Purple Squad Security’s Twitter: @PurpleSquadSec
John’s Twitter: @JohnsNotHere
Podcast Website: purplesquadsec.com
Sign-Up for our Slack community: https://signup.purplesquadsec.com

Thanks for listening, and as always, I will talk with you all again next time.