daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update quasar-rat-c2.yaml

patch-1
pussycat0x 2023-11-07 11:09:44 +05:30 committed by GitHub
parent e734668026
commit 7f81d1fc88
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ssl/c2/quasar-rat-c2.yaml
View File

@ -14,6 +14,7 @@ info:
shodan-query: ssl.cert.subject.cn:"Quasar Server CA" shodan-query: ssl.cert.subject.cn:"Quasar Server CA"
censys-query: 'services.tls.certificates.leaf_data.subject.common_name: {"Quasar Server CA"}' censys-query: 'services.tls.certificates.leaf_data.subject.common_name: {"Quasar Server CA"}'
tags: c2,ir,osint,malware,quasar,rat tags: c2,ir,osint,malware,quasar,rat
ssl: ssl:
- address: "{{Host}}:{{Port}}" - address: "{{Host}}:{{Port}}"
matchers: matchers:
@ -21,7 +22,6 @@ ssl:
part: issuer_cn part: issuer_cn
words: words:
- "Quasar Server CA" - "Quasar Server CA"
condition: or
extractors: extractors:
- type: json - type: json