Logan MacLaren, Staff Offensive Security Engineer, Huntress
Logan is the lead Offensive Security engineer at Huntress, where he is responsible for planning and executing red team operations as well as bolstering incident response capability through purple team exercises. He has been a long-time enthusiast in the security space, building a career spanning big data analytics, bug bounty, and offensive security.
Outside of his day job, Logan can often be found building and participating in CTF challenges, bug hunting in open source software, or learning new skills at conferences across the continent. He has had the honour of speaking at several DEFCON villages, NorthSec conferences, as well as multiple BSides and OWASP Ottawa events.
Workshop: Command & Conquer: A hands-on C2 primer for aspiring Red & Blue teamers
Workshops are first-come, first-served and have limited capacity. Some workshops may be streamed for additional passive participation.
Command & Control (C2) is the backbone of modern offensive operations - and one of the most reliable detection opportunities for blue teams.
This hands-on workshop provides a unified view of C2 fundamentals for both offensive and defensive practitioners. Using the open-source Mythic framework, participants will deploy agents, handle callbacks, execute tasking with a focus on opsec, and design real detection logic based on their own generated telemetry.
The session will also cover basic C2 infrastructure design including redirectors and domain fronting, an overview of Mythic agent feature sets, and a high-level comparative analysis of major C2 frameworks used in industry today. Students should leave armed with practical introductory experience operating and detecting C2 activity across multiple platforms.
Participants must have the following equipment:
A laptop capable of running Docker containers and macOS or Windows VMs. It is highly recommended that students do not use company assets for this workshop as they are very likely to trigger AV/EDR when working with some payloads.
If you wish to host Mythic yourself (strongly recommended), an x86 host/VM is required. We will also be able to provide a limited shared environment for the C2 server for individuals who cannot host it themselves.