StreamIO domain/cert monitoring
I've been using Certificate Transparency as a source to detect phishing campaigns by using simple regex and fuzzy term monitoring. Recently I started developing an…
3 min read
Simulating MITRE ATT&CK with RE:TERNAL
MITRE ATT&CK(https://attack.mitre.org) is a pre-defined framework that categorises existing adversary techniques. The MITRE organisation puts a lot of effort…
4 min read
Retaining beacon source IPs with HAProxy relays
During a red team exercise it's common to set up a relaying infrastructure to separate your external facing footprint from the actual command and control…
5 min read