|
Who are they impersonating?
|
Chinese Malware |
25 |
|
|
Iranian APT Tracking 2
|
Nation State - Iran |
25 |
|
|
OST - SSL Certificate Tracking
|
OST Tools |
50 |
|
|
Lactrodectus 4
|
Commodity Malware |
75 |
|
|
Lactrodectus 1
|
Commodity Malware |
25 |
|
|
Lactrodectus 2
|
Commodity Malware |
25 |
|
|
Lactrodectus 3
|
Commodity Malware |
25 |
|
|
Hunting Phishing Infrastructure
|
Starting Point |
100 |
|
|
SSL JARM analysis of the C2 Infrastructure
|
Chinese Malware |
50 |
|
|
OST Tools - Attributing the C2 server properties
|
OST Tools |
75 |
|
|
The Evolution of Chinese Malware
|
Chinese Malware |
25 |
|
|
Chinese Malware - Identifying ShadowPad Infrastructure
|
Chinese Malware |
10 |
|
|
The Economics of Phishing-as-a-Service
|
Starting Point |
25 |
|
|
Chinese Malware - APT Espionage Targeting
|
Chinese Malware |
25 |
|
|
Brute Ratel 3
|
OST Tools |
100 |
|
|
Pivoting 101 - 2
|
Pivoting 101 |
20 |
|
|
Pivoting 101 - 3
|
Pivoting 101 |
20 |
|
|
Pivoting 101 - 1
|
Pivoting 101 |
15 |
|
|
Havoc - Identifying Common Traits of These C2 Servers
|
OST Tools |
100 |
|
|
Havoc Framework C2 Profiling
|
OST Tools |
100 |
|
|
Chaos C2 - Defaults
|
OST Tools |
55 |
|
|
Havoc - Geolocating the C2 Infrastructure
|
OST Tools |
50 |
|
|
Expanding the Hunt
|
Starting Point |
100 |
|
|
Identifying RAT Activity in UK CNI Networks
|
Starting Point |
25 |
|
|
Impersonating cloud services
|
Starting Point |
25 |
|
|
Understanding the Threat Landscape
|
Starting Point |
25 |
|
|
A Familiar Face in the Dark
|
Starting Point |
25 |
|
|
Brute Ratel 1
|
OST Tools |
25 |
|
|
OST - Fingerprinting the C2 in Shodan
|
OST Tools |
25 |
|
|
OST - Attribution of the C2 Server
|
OST Tools |
25 |
|
|
OST - Identifying the Command-and-Control (C2) Server
|
OST Tools |
25 |
|