NAT and Packet Capture
Threat Hunting C2 over HTTPS Connections Using the TLS Certificate
Malware of the Day – C2 over ICMP (ICMP-GOSH)
Malware of the Day – C2 over NTP (goMESA)
Threat Hunting a Telegram C2 Channel
Malware of the Day – IPv6 Address Aliasing
Measuring Data Jitter Using RCR
Malware of the Day – Merlin C2 Data Jitter
A Network Threat Hunter’s Guide to C2 over QUIC
Malware of the Day – Tunneling RDP with Microsoft Dev Tunnels
Tuning Fail2ban
Malware of the Day – Tunneling Havoc C2 with Microsoft Dev Tunnels