Hatem Mohamed
Senior Red Team Consultant at Google Cloud Security
Google
Hatem is a Senior Red Team Consultant at Google Cloud (META), specializing in red team operations and adversary simulations. He leverages deep offensive security expertise to identify attack paths, exploit vulnerabilities, and devise mitigations.
Speaker sessions
Command and Collusion: Flipping the C2 Model for No-Egress Environments
Modern red team operations rarely play out in friendly territory. The days of wide-open egress are fading, replaced by environments where defenders tighten every screw. Outbound traffic is inspected, filtered, and often blocked entirely. A shell on a public-facing server might feel like a win, but in many cases, it comes with no DNS, no HTTP, and no callbacks at all. In these conditions, the familiar C2 playbook runs out of pages, and operators are forced to adapt or stall.In this session, we will flip the C2 model on its head. You will see how to turn "dead-end" footholds into fully functional command channels without a single outbound packet, blending covert tasking into legitimate inbound web traffic. We will break down the design choices, the stealth advantages, and the pitfalls you will want to avoid, then share tooling to make it work with your own implants and frameworks.If you have ever been stuck behind a wall of egress controls, you will walk away with a new blueprint and a few tricks to make the unreachable reachable.
- 18:00
- Thu
- 04 Dec
Stage:
Briefings 2
Sessions Type:
Presentation