NAT and Packet Capture

Malware of the Day – C2 over ICMP (ICMP-GOSH)

Malware of the Day – C2 over NTP (goMESA)

Malware of the Day – IPv6 Address Aliasing

Measuring Data Jitter Using RCR

Malware of the Day – Merlin C2 Data Jitter

A Network Threat Hunter’s Guide to C2 over QUIC

Malware of the Day – Tunneling RDP with Microsoft Dev Tunnels

Malware of the Day – Tunneling Havoc C2 with Microsoft Dev Tunnels

Malware of the Day – Specula

How Do Threat Hunting Tools Find Outbound Connections?

Running Zeek and RITA on Windows