Maelstrom: A C2 Series

01-03-2023

Maelstrom was a series of blogs michaeljranaldo and I put together to go over the internals of a C2 and implant development. Our goal was to not completely arm offensive individuals, but make an attempt on detailing the internals so that we could get more granular detections too.

Maelstrom: A C2 Series

• Maelstrom 1: An Introduction
• Maelstrom 2: The C2 Architecture
• Maelstrom 3: Building the Team Server
• Maelstrom 4: Writing a C2 Implant
• Maelstrom 5: EDR, Kernel Callbacks, Hooks, and Call Stacks
• Maelstrom 6: Working with AMSI and ETW for Red and Blue
• Maelstrom 7: Static OPSEC Review