Command and Control with Covenant from Pluralsight

Covenant C2 command and control uses just-in-time, in-memory, .NET compilation, and dynamic profiles to fool defensive detections. Skill up your red team techniques by leveraging the next generation of adversary command and control capabilities.

Testing systems against advanced adversary techniques is required not just for red team operations but for targeted testing of defensive and detective measures on a network. Growing the skills to emulate the steadily advancing adversary capabilities within your team is a moving target that is complicated by the multitude of attack techniques available. In this course, Command, and Control with Covenant, you will gain the ability to leverage the advanced .NET, in-memory compilation techniques used by the open-source Covenant project to emulate adversary communication within an environment. First, you will learn to install the command and control infrastructure used to control compromised systems. Next, you will explore how to create and install implants called grunts to connect back to the adversary server. Finally, you will explore how to run tasks, gather information, and spread laterally within the Covenant C2 framework. When you are finished with this course, you will have the skills and knowledge of the Covenant command and control framework needed to emulate post-exploitation techniques aligned with Mitre ATT&CK.

What's inside

Syllabus

Tool Introduction

Emulation Adversary C2 and Lateral Movement Operations with Covenant

Resources

Good to know

Know what's good

, what to watch for

, and possible dealbreakers

Taught by Aaron Rosenmund, who are recognized for their work in adversary command and control techniques and tools

Explores Covenant C2 framework, which is highly relevant for testing systems against adversary C2 capabilities

Develops skills in adversary command and control, which are useful for red team testing and cybersecurity

Builds a foundation in Covenant C2 framework for learners new to the tool

May require prior experience in system security and networking fundamentals

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Command and Control with Covenant with these activities:

Refresher: Introduction to Command and Control Concepts

Show steps

Review core concepts and foundational knowledge essential for understanding the material covered in this course.

Browse courses on Red Teaming

Show steps

Revisit materials from previous courses or experience related to command and control
Review the course description and materials
Engage in online discussions or forums to connect with other students and discuss the course material

Review C# fundamentals

Show steps

Review the basics of C# to ensure a solid understanding before diving into advanced topics.

Browse courses on Programming

Show steps

Review variables, data types, and operators.
Practice writing simple C# programs.
Complete online tutorials or exercises on C# basics.

Organize Your Covenant Learning Resources: Notes, Assignments, and Quizzes

Show steps

Enhance your learning experience by organizing and reviewing your course materials, including notes, assignments, and quizzes.

Show steps

Establish a system for taking organized notes during the course
Review your notes regularly to reinforce learning
Compile class assignments and quizzes for future reference

11 other activities

Expand to see all activities and additional details

Show all 14 activities

Read: The Art of Deception: Controlling the Human Element of Security

Show steps

Gain insights into the human element of security by reading this book, which explores social engineering and deception techniques.

View The Art of Deception: Controlling the Human... on Amazon

Show steps

Obtain a copy of the book
Read the book thoroughly
Take notes and highlight important concepts
Discuss the book's ideas with peers or online forums

Solve C# coding challenges

Show steps

Sharpen your C# programming skills by solving coding challenges online.

Show steps

Find online platforms or websites that offer C# coding challenges.
Start solving challenges, starting with easier ones and gradually moving to more difficult ones.
Analyze your solutions and identify areas for improvement.

Practice Installing and Configuring Covenant

Show steps

Gain hands-on experience by following guided tutorials to install and configure the Covenant C2 framework.

Browse courses on Installation

Show steps

Explore online tutorials and documentation for installing Covenant
Set up a lab environment for testing and practicing
Follow the provided tutorials to install and configure Covenant
Experiment with different configuration options and settings

Attend a workshop on advanced C2 techniques

Show steps

Expand your knowledge and network with experts in the field.

Show steps

Find and register for a workshop that covers advanced C2 techniques.
Attend the workshop and actively participate in discussions and exercises.
Take notes and ask questions to deepen your understanding.
Connect with other attendees and industry professionals.

Attend an Industry Meetup: Red Teaming and C2 Operations

Show steps

Expand your knowledge and network by attending industry events focused on red teaming and C2 operations.

Show steps

Research and identify relevant industry meetups and conferences
Prepare a brief self-introduction and elevator pitch
Attend the event and actively participate in discussions and networking
Follow up with new connections and explore potential collaborations

Build a simple command-line application using Covenant

Show steps

Apply your understanding of Covenant by building a real-world application.

Show steps

Follow a step-by-step tutorial on building a command-line application with Covenant.
Implement features such as sending commands, receiving responses, and handling errors.
Test your application and debug any issues.

Contribute to the Covenant Open-Source Project

Show steps

Gain practical experience by contributing to the development and improvement of the open-source Covenant project.

Browse courses on Community Development

Show steps

Review the Covenant codebase and identify potential areas for improvement
Submit bug reports or feature requests to the project repository
Write code contributions and submit pull requests for review

Challenge: Emulating Adversary Communication Patterns

Show steps

Sharpen your skills by simulating real-world adversarial behavior and practicing lateral movement techniques within the Covenant framework.

Browse courses on Lateral Movement

Show steps

Create custom scenarios for adversary communication emulation
Deploy Covenant implants and monitor their communications
Practice lateral movement techniques to pivot across a simulated network
Analyze communication patterns and identify potential detection mechanisms

Write a blog post or article on Covenant

Show steps

Solidify your knowledge by explaining Covenant to others through writing.

Show steps

Choose a specific aspect of Covenant to focus on, such as its architecture, features, or use cases.
Research and gather information from reliable sources.
Organize your thoughts and write a clear and concise blog post or article.
Share your writing with others and seek feedback.

Mentor a Junior Red Teamer: Sharing Your Covenant Knowledge

Show steps

Reinforce your understanding by mentoring others and sharing your expertise in using the Covenant framework.

Browse courses on Mentorship

Show steps

Identify opportunities to mentor or volunteer in the cybersecurity community
Share your knowledge and experience with junior red teamers
Provide guidance and support in using the Covenant framework and other C2 tools
Encourage your mentees to actively engage in learning and skill development

Project: Building a Custom C2 Server with Covenant

Show steps

Deepen your understanding of the Covenant framework by creating a custom C2 server with enhanced capabilities.

Show steps

Research and design advanced features and functionality
Extend the Covenant codebase to implement custom functionality
Test and debug your custom server in a controlled environment
Document your enhancements and share your findings with the community

Career center

Learners who complete Command and Control with Covenant will develop knowledge and skills that may be useful to these careers:

Penetration Tester

Penetration Testers evaluate computer systems, networks, and software applications for security vulnerabilities. By using a mix of manual and automated testing techniques, they attempt to exploit these vulnerabilities in the same manner as a malicious actor would, allowing organizations to identify and fix the problems before an actual attack can occur. This course helps build a foundation in command and control techniques that are used by adversaries, helping Penetration Testers in their mission to keep networks and systems secure.

See salaries and explore the career path for Penetration Tester

Security Analyst

Security Analysts monitor and analyze security systems for vulnerabilities and suspicious activity. When an attack or breach occurs, they respond and take steps to contain the damage and prevent future attacks. This course helps Security Analysts in their efforts to detect and respond to advanced adversary techniques, as it provides hands-on experience with one such framework. The knowledge gained in this course will help Security Analysts stay ahead of attackers and implement more effective security measures.

See salaries and explore the career path for Security Analyst

Cybersecurity Engineer

Cybersecurity Engineers design, implement, and maintain security measures to protect computer systems, networks, and data from attacks. They work to prevent, detect, and respond to security incidents, and they stay up-to-date on the latest security threats and trends. This course helps build a strong foundation in adversary command and control techniques, providing Cybersecurity Engineers with the knowledge and skills needed to design and implement more effective security measures.

See salaries and explore the career path for Cybersecurity Engineer

Incident Responder

Incident Responders are responsible for responding to and managing security incidents. They work to contain the damage caused by an attack, identify the source of the attack, and prevent future attacks from occurring. This course helps Incident Responders in their mission by providing hands-on experience with adversary command and control techniques. This knowledge will help them to better understand how attackers operate and to develop more effective incident response strategies.

See salaries and explore the career path for Incident Responder

Threat Intelligence Analyst

Threat Intelligence Analysts collect and analyze information about threats to computer systems, networks, and data. They use this information to create reports and advisories that help organizations to protect themselves from attacks. This course helps build a strong foundation in adversary command and control techniques, providing Threat Intelligence Analysts with the knowledge and skills needed to collect and analyze more accurate and useful information about threats.

See salaries and explore the career path for Threat Intelligence Analyst

Malware Analyst

Malware Analysts analyze malicious software to understand how it works, how it spreads, and how to detect and remove it. They also work to develop new techniques for detecting and preventing malware attacks. This course helps build a foundation in command and control techniques used by malware, providing Malware Analysts with the knowledge and skills needed to analyze malware more effectively and to develop more effective detection and prevention techniques.

See salaries and explore the career path for Malware Analyst

Red Teamer

Red Teamers are cybersecurity professionals who use adversarial techniques to test the security of computer systems, networks, and data. They work to identify vulnerabilities and weaknesses in security systems, and they help organizations to improve their security posture. This course provides Red Teamers with hands-on experience with adversary command and control techniques, which are indispensable in their mission to simulate real-world attacks.

See salaries and explore the career path for Red Teamer

Cybersecurity Architect

Cybersecurity Architects design and implement security measures to protect computer systems, networks, and data from attacks. They work with organizations to develop security strategies and policies, and they oversee the implementation of security technologies. This course helps Cybersecurity Architects in their mission by providing hands-on experience with adversary command and control techniques, building a foundation in the techniques used by adversaries, which they can use to design and implement more effective security measures.

See salaries and explore the career path for Cybersecurity Architect

Vulnerability Manager

Vulnerability Managers are responsible for identifying, assessing, and mitigating vulnerabilities in computer systems, networks, and data. They work to prioritize vulnerabilities and to develop and implement remediation plans. This course helps Vulnerability Managers in their mission by providing hands-on experience with adversary command and control techniques, as this builds a foundation in techniques used by adversaries to exploit vulnerabilities, which they can use to better prioritize and remediate vulnerabilities.

See salaries and explore the career path for Vulnerability Manager

Cloud Security Engineer

Cloud Security Engineers design and implement security measures to protect cloud-based systems, networks, and data. They work with organizations to develop cloud security strategies and policies, and they oversee the implementation of cloud security technologies. This course helps Cloud Security Engineers in their mission by providing hands-on experience with adversary command and control techniques, building a foundation in the techniques used by adversaries to evade cloud-based security measures, which they can use to design and implement more effective security measures.

See salaries and explore the career path for Cloud Security Engineer

Security Consultant

Security Consultants provide advice and guidance to organizations on how to improve their security posture. They work with organizations to assess their security risks, develop security strategies, and implement security measures. This course helps Security Consultants in their mission by providing hands-on experience with adversary command and control techniques, as it provides an overview of the techniques used by adversaries to exploit vulnerabilities and evade detection, which they can use to provide more effective advice and guidance to their clients.

See salaries and explore the career path for Security Consultant

Network Security Engineer

Network Security Engineers design, implement, and maintain security measures to protect computer networks from attacks. They work to prevent, detect, and respond to network security incidents. This course helps Network Security Engineers in their mission by providing hands-on experience with adversary command and control techniques, as it provides a foundation in the techniques used by adversaries to penetrate networks and evade detection, which they can use to design and implement more effective security measures.

See salaries and explore the career path for Network Security Engineer

Forensic Analyst

Forensic Analysts investigate computer systems, networks, and data to collect evidence of crimes. They work to recover data that has been deleted or damaged, and they analyze data to identify patterns and trends. This course may be useful for Forensic Analysts, as it provides an overview of the techniques used by attackers to cover their tracks, which can help Forensic Analysts to develop more effective investigation techniques.

See salaries and explore the career path for Forensic Analyst

Security Researcher

Security Researchers develop new techniques for detecting and preventing security attacks. They work to identify vulnerabilities in computer systems, networks, and data, and they develop new methods for protecting against these vulnerabilities. This course may be useful for Security Researchers, as it provides in-depth knowledge of the techniques used by attackers to evade detection, which can help Security Researchers to develop more effective detection and prevention techniques.

See salaries and explore the career path for Security Researcher

Software Developer

Software Developers design, develop, and maintain software applications. They work to create software that is secure, reliable, and efficient. This course may be useful for Software Developers, as it provides an overview of the techniques used by attackers to exploit vulnerabilities in software, which can help Software Developers to write more secure code.

See salaries and explore the career path for Software Developer