Webcast: In-Depth SILENTTRINITY Demo, Explanation & Walkthrough

Click on the timecodes to jump to that part of the video (on YouTube)

Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_SILENTTRINITYIndepthDemo.pdf

1:07 Quick review of SILENTTRINITY functions, an overview of Bring your own Interpreter (BYOI) capabilities, BYOI payload

7:08 BYOI/SILENTTRINITY in a nutshell, advantages vs. disadvantages

16:53 Overview of the almost 50 new modules that have been incorporated, live demo

38:12 Q&A on live demo

55:48 Helpful links and Closing Thoughts

This webcast was originally recorded live on October 1st, 2019 with John Strand and Marcello Salvati.

If you’re not familiar with SILENTTRNIITY: it’s an open-source modern, asynchronous, multiplayer & multiserver C2/post-exploitation framework. It’s the culmination of an extensive amount of research into using embedded third-party .NET scripting languages to dynamically call .NET API’s, a technique Marcello coined as BYOI (Bring Your Own Interpreter). The aim of this tool and the BYOI concept is to shift the paradigm back to PowerShell style like attacks (as it offers much more flexibility over C# tradecraft) only without using PowerShell in any way.

SILENTTRINITY has numerous features that make it stand out from other C2 frameworks; if he had to give you just 4:

  • Collaborative – you can share shells between multiple users and control multiple team servers from a single client.
  • Fully Modular – Modules, Listeners, Stagers, etc. are completely modular and designed to be easily extended.
  • Modern CLI Interface – Tab completion plus a lot of bells and whistles that make it look like an actual CLI from the 21st century.
  • Dynamic Evaluation/Compilation Using .NET Scripting Languages – The SILENTTRINITY implant is somewhat unique as it uses embedded third-party .NET scripting languages (e.g. Boolang) to dynamically compile/evaluate tasks.

Ready to learn more?

Level up your skills with affordable classes from Antisyphon!

Pay-What-You-Can Training

Available live/virtual and on-demand