NAT and Packet Capture

June 12, 2025

Threat Hunting C2 over HTTPS Connections Using the TLS Certificate

May 29, 2025

Malware of the Day – C2 over ICMP (ICMP-GOSH)

May 15, 2025

Malware of the Day – C2 over NTP (goMESA)

April 17, 2025

Threat Hunting a Telegram C2 Channel

March 20, 2025

Malware of the Day – IPv6 Address Aliasing

March 6, 2025

Measuring Data Jitter Using RCR

February 20, 2025

Malware of the Day – Merlin C2 Data Jitter

February 6, 2025

A Network Threat Hunter’s Guide to C2 over QUIC

January 23, 2025

Malware of the Day – Tunneling RDP with Microsoft Dev Tunnels

January 9, 2025

Tuning Fail2ban

December 19, 2024

Malware of the Day – Tunneling Havoc C2 with Microsoft Dev Tunnels

December 5, 2024