First, I work with my clients to determine which products/systems will be tested in the customer's network and what approximate results can be expected. The next step is to consider possible scenarios for the egress / C2 test.
Egress / C2 Test
Preparation for Internal Attacks
When it comes to IT security, many companies still rely primarily on protecting the perimeter, i.e. the "transition" between the corporate network and the public networks. In practice, however, attacks using the external firewall as an entry point are becoming increasingly rare. Instead, hackers are increasingly using malware (delivered, for example, via phishing emails) to get a foot in the door and, if successful, establish a communication channel from inside to outside (command and control, or C2). This approach gives the attacker a significant advantage, because in many organisations outbound communications are not monitored as closely as inbound communications. Command and control connections are often the basis for intrusions and data theft that go undetected, usually for a very long time.