Adversary Village

Cas Van Cooten

Red Team Operator at ABN AMRO Bank

Cas van Cooten is an offensive security enthusiast and Red Team Operator at ABN AMRO Bank in The Netherlands. He started out as a "fluffy" information security strategy consultant, but exchanged his suit for a hoodie when he realized he was more of a hacker than a strategist.

He likes evading defenses by developing offensive security tooling and malware, specifically in the Nim programming language. He developed tools such as 'Nimplant', 'NimPackt', and 'BugBountyScanner', is a HackTheBox machine author, and likes shitposting on his Twitter timeline.

Talk: Nimbly Navigating a Nimiety of Nimplants: Writing Nim Malware Like The Cool Kids
Technical Talk Adversary Tradecraft

All the cool kids are using obscure programming languages to write malware nowadays. Offensive security professionals (as well as threat actors with cool names) are increasingly wrapping their malware in languages such as Go, Rust, or Nim. This talk will break down why Nim is a prime candidate for malware development and how it allows you to write low-level functionality without having to bother learning "actually complicated" low-level languages such as C.
We will dive into the intricacies of various open-source Nim tools and analyze how they manage to evade defenses such as AV and EDR, providing you with the foundation needed to get started building your own Nim-based malware. If you're interested in learning Nim, malware development, or are just tagging along to build better detections - consider this your invitation into the wondrous world of Nim malware.