Hiding Your C2 Traffic Under Discord & Slack Traffic

Bio: Arslan Masood is a penetration tester. Berk is a vulnerability researcher who can sing and act, but can’t dance. Both of them are a part of ExploitStudio, a cybersecurity community from Bilkent University.

Talk Contents: The presentation will demonstrate how an attacker can use Discord and Slack’s APIs in order to establish a reverse shell connection. By doing so, the attacker can easily guise their traffic under Discord or Slack’s traffic, staying undetected.