Internet Storm Center
Sign In
Sign Up
Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/
Handler on Duty:
Didier Stevens
Threat Level:
green
Date
Author
Title
2022-06-30
Brad Duncan
Case Study: Cobalt Strike Server Lives on After Its Domain Is Suspended
2022-03-16
Brad Duncan
Qakbot infection with Cobalt Strike and VNC activity
2022-01-09
Didier Stevens
Extracting Cobalt Strike Beacons from MSBuild Scripts
2021-11-07
Didier Stevens
Video: Decrypting Cobalt Strike Traffic With Keys Extracted From Process Memory
2021-11-06
Didier Stevens
Decrypting Cobalt Strike Traffic With Keys Extracted From Process Memory
2021-10-25
Didier Stevens
Decrypting Cobalt Strike Traffic With a "Leaked" Private Key
2021-08-11
Brad Duncan
TA551 (Shathak) continues pushing BazarLoader, infections lead to Cobalt Strike
2021-05-30
Didier Stevens
Video: Cobalt Strike & DNS - Part 1
2021-03-15
Didier Stevens
Finding Metasploit & Cobalt Strike URLs
2021-02-14
Didier Stevens
Video: tshark & Malware Analysis
2021-01-13
Brad Duncan
Hancitor activity resumes after a hoilday break
2020-11-23
Didier Stevens
Quick Tip: Cobalt Strike Beacon Analysis
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Forums
Auditing
Diary Discussions
Forensics
General Discussions
Industry News
Network Security
Penetration Testing
Software Security
Contact Us
Contact Us
About Us
Handlers
Slack Channel
Mastodon
Twitter
The Internet Storm Center is a community for everyone, so
join the conversation