Extracting Lines of Interest From Zeek Logs
NAT and Packet Capture
Threat Hunting C2 over HTTPS Connections Using the TLS Certificate
Malware of the Day – C2 over ICMP (ICMP-GOSH)
The Beginner’s Guide to Command and Control Part 2 – The Role of C2 in Modern Threat Campaigns
Malware of the Day – C2 over NTP (goMESA)
The Beginner’s Guide to Command and Control Part 1 – How C2 Frameworks Operate
Threat Hunting a Telegram C2 Channel
Malware of the Day – IPv6 Address Aliasing
Measuring Data Jitter Using RCR
Malware of the Day – Merlin C2 Data Jitter
A Network Threat Hunter’s Guide to C2 over QUIC