All times are in Pacific Daylight Time (UTC-0700).

  • Track: Main Channel: Friday 10/08 @ 1600-1655 PDT
  • Slides

Swift is a great language for offensive tooling due to ease of development compared to lower-level languages (Objective-C/C/C++), while still having the flexibility to utilize said lower-level languages when the job requires it.

In this talk, I’ll go into the research, development, and usage of a new Swift implant, Hermes, that can be used in modern red teaming operations. Hermes hooks into Cody Thomas’ Mythic framework, which serves as the controller.

I will dive into the various functionality implemented within Hermes that allows for secure communications, reconnaissance, code execution, data exfiltration, and extensibility with existing offensive tooling. Lastly, I will cover defensive considerations for different TTPs implemented within Hermes. Following this talk, Hermes will be open-sourced for security professionals to test and validate detections within macOS environments.

Justin Bui is a red teamer at Zoom and was previously a red team consultant at SpecterOps. He is passionate about all things security and helping organizations improve their security posture. Justin enjoys writing code and developing offensive tools, particularly around Windows/macOS post-exploitation.


Twitter: @slyd0g | LinkedIn: Justin Bui | GitHub: slyd0g

© 2023 ShellCon