capa-rules icon indicating copy to clipboard operation
capa-rules copied to clipboard
verified publisher icon mandiant

HardHat C2 Detections

Open mike-hunhoff opened this issue 2 years ago • 2 comments

HardHat is a multiplayer c# .NET-based command and control framework. Designed to aid in red team engagements and penetration testing. HardHat aims to improve the quality of life factors during engagements by providing an easy-to-use but still robust C2 framework.

reference: https://github.com/DragoQCC/HardHatC2/tree/master/Engineer

mike-hunhoff avatar Mar 31 '23 18:03 mike-hunhoff

Hello @mike-hunhoff , I came across this good first issue and I would like to work on fixing it and would appreciate your guidance as I work on this issue. Let me know if you have any suggestions. can you assign me on this.

EmperialX avatar Apr 01 '23 16:04 EmperialX

Hello @mike-hunhoff , I came across this good first issue and I would like to work on fixing it and would appreciate your guidance as I work on this issue. Let me know if you have any suggestions. can you assign me on this.

Great! The goal here is to review the referenced HardHat C2 framework to determine what opportunities, if any, we have to develop new or update existing capa rules to detect techniques leveraged by the framework. If you're unfamiliar with writing capa rules I'd recommend reviewing our rule documentation here. Please reach out with any specific questions you may have and we'd be happy to answer.

mike-hunhoff avatar Apr 03 '23 16:04 mike-hunhoff