NAT and Packet Capture
Malware of the Day – C2 over ICMP (ICMP-GOSH)
Malware of the Day – C2 over NTP (goMESA)
Malware of the Day – IPv6 Address Aliasing
Measuring Data Jitter Using RCR
Malware of the Day – Merlin C2 Data Jitter
A Network Threat Hunter’s Guide to C2 over QUIC
Malware of the Day – Tunneling RDP with Microsoft Dev Tunnels
Malware of the Day – Tunneling Havoc C2 with Microsoft Dev Tunnels
Malware of the Day – Specula
How Do Threat Hunting Tools Find Outbound Connections?
Running Zeek and RITA on Windows