Deep Dive: Malware Hunter
ATT&CK techniques detected
T1071.001 Web Protocols
84%
"infected - all of its activity is benign. the information is accessible for free to everybody with a shodan account. here is a breakdown of the protocols that malware hunter currently identifies : you can use the api or cli to get a list of the ips : shodan stats - - facets ip : …"
T1071.001 Web Protocols
68%
"deep dive : malware hunter there are many ways to track command & control servers from bad guys but they often rely on looking for indicators in the service metadata ( ex. certificate information ). around a decade ago we developed a novel technique to proactively find the infras…"
Summary
There are many ways to track command & control servers run by bad guys, but they often rely on looking for indicators in the service metadata (e.g. certificate information). Around a decade ago we developed a novel technique to proactively find the infrastructure: Malware Hunter. Malware Hunter finds command & control