As a student, you have:
- An HBO or WO level of education in the relevant domain.
- Experience with VBA / Word Macros;
- Experience with PowerShell;
- Experience with Initial Access techniques is a pre;
- Experience with evading exploitation mitigations is a pre;
- Experience with (basic) exploit development is a pre;
- The ability to work well in an international team environment;
- Good communication skills
- Clear documentation writing skills.
The project you will be working on:
Secura is performing real-world attack simulations called Red Teaming. The objective of these simulations is to emulate the tools, techniques and procedures of known Advanced Persistent Threats in order to test an organisations Cyber resilience capabilities. One of the components in an APT's attack chain is the deployment of malicious documents via phishing emails in order to gain remote control over a system.
Recently malicious documents got more and more attention by MicroSoft, as these are a common vector during attacks by malicious actors. Additional protections by Microsoft also make the work for us as a Red Team more difficult. That is why you can assist developing new techniques for this capability
As an intern, you will be tasked with the following:
- Acquire an understanding of the project and used technologies;
- Perform a study on the background of the topic so you can build on existing techniques;
- Research what methods used in the real world are working on up-to-date systems and what the limitations are;
- Test in what circumstances you can successfully deploy remote access software (for example a CobaltStrike Beacon);
- Throughly document the process and results;
- Create a workflow for creating malicious documents for different environments
- One of the most important new mitigations is the default blocking of macro's in documents downloaded from the internet by default. It will be your task to either work around this (for assessing document delivery in a container), assessing (new) non-macro based attack vectors or finding similar functionality in other filetypes that are commonly shared via email.
- Create a (Powershell/Python) script that automates the creation of malicious documents
- Take operational security (OPSEC) into account. How to stay undetected, and not leak information when detections by the Blue Team take place.