NAT and Packet Capture

Threat Hunting C2 over HTTPS Connections Using the TLS Certificate

Malware of the Day – C2 over ICMP (ICMP-GOSH)

Malware of the Day – C2 over NTP (goMESA)

Threat Hunting a Telegram C2 Channel

Malware of the Day – IPv6 Address Aliasing

Measuring Data Jitter Using RCR

Malware of the Day – Merlin C2 Data Jitter

A Network Threat Hunter’s Guide to C2 over QUIC

Malware of the Day – Tunneling RDP with Microsoft Dev Tunnels

Tuning Fail2ban

Malware of the Day – Tunneling Havoc C2 with Microsoft Dev Tunnels