d3vzer0

StreamIO domain/cert monitoring

I've been using Certificate Transparency as a source to detect phishing campaigns by using simple regex and fuzzy term monitoring. Recently I started developing an…

3 min read

Posted by Joey Dreijer a year ago

reternal mdns bonjour c2 pivot

Reternal Relay discovery with mDNS/Bonjour (WIP)

Inspired by an article discussing P2P command and control relaying I made an attempt at implementing mDNS to discover pivot points on a (local) network…

2 min read

Posted by Joey Dreijer a year ago

Certificate Transparency Faust

Certificate transparency mirror

In my previous article I wrote about using Faust to process certificate transparency data. To test accuracy and responsiveness I started storing all certificates in…

1 min read

Posted by Joey Dreijer a year ago

Faust Python Kafka Certificate Transparency

Supercharged certificate monitoring with Faust

Faust (https://faust.readthedocs.io/en/1.0/index.html) is a Python library for stream data processing. It allows you to asynchronously process data…

3 min read

Posted by Joey Dreijer a year ago

mitre reternal Command and Control Docker

Simulating MITRE ATT&CK with RE:TERNAL

MITRE ATT&CK(https://attack.mitre.org) is a pre-defined framework that categorises existing adversary techniques. The MITRE organisation puts a lot of effort…

4 min read

Posted by Joey Dreijer a year ago

Cobalt Strike Red Teaming Command and Control Docker HAProxy

Retaining beacon source IPs with HAProxy relays

During a red team exercise it's common to set up a relaying infrastructure to separate your external facing footprint from the actual command and control…

5 min read

Posted by Joey Dreijer 2 years ago