TemplateMan Update [Tue Jul 18 08:23:15 UTC 2023] 🤖
parent
44a6a1fc87
commit
cb53e21d50
|
@ -5,12 +5,13 @@ info:
|
|||
author: pussycat0x
|
||||
severity: info
|
||||
description: |
|
||||
Cobalt Strike gives you a post-exploitation agent and covert channels to emulate a quiet long-term embedded actor in your customer's network.
|
||||
Cobalt Strike gives you a post-exploitation agent and covert channels to emulate a quiet long-term embedded actor in your customer's network.
|
||||
reference:
|
||||
- https://blog.sekoia.io/hunting-and-detecting-cobalt-strike/
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
shodan-query: ssl.jarm:07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1+port:443
|
||||
verified: true
|
||||
tags: jarm,c2,ir,osint
|
||||
|
||||
tcp:
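Review bot: The `description` in this hunk describes the Cobalt Strike product rather than what a match from this template means, and the only indicator visible here is the JARM value in `shodan-query`. A JARM fingerprint reflects TLS stack configuration, so unrelated servers with the same configuration can produce the same value; a hit is a lead for triage, not confirmation of a team server. I would add a sentence to the block scalar such as `A matching JARM fingerprint indicates a TLS configuration consistent with a Cobalt Strike server and should be corroborated with other indicators before being treated as confirmed C2.` The template's matcher section lies outside the hunk, so this is based on the metadata shown.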
|
||||
|
|
|
@ -9,6 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/cedowens/C2-JARM
|
||||
- https://twitter.com/MichalKoczwara/status/1548685058403360770
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: c2,ir,osint,covenant,jarm
|
||||
|
||||
tcp:
|
||||
|
|
|
@ -9,6 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/cedowens/C2-JARM
|
||||
- https://twitter.com/MichalKoczwara/status/1551632627387473920
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: c2,ir,osint,deimos,jarm,network
|
||||
|
||||
tcp:
|
||||
|
|
|
@ -9,6 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/cedowens/C2-JARM
|
||||
- https://github.com/kgretzky/evilginx2
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: evilginx2,c2,phishing,jarm
|
||||
|
||||
tcp:
|
||||
|
|
|
@ -9,6 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/cedowens/C2-JARM
|
||||
- https://github.com/r3nhat/GRAT2
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: shad0w,c2,osint,ir,jarm
|
||||
|
||||
tcp:
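Review bot: The `tags` line in this hunk reads `shad0w,c2,osint,ir,jarm` while the second reference points to `https://github.com/r3nhat/GRAT2`, and the identical tag string appears on the later hunk that references `bats3c/shad0w`. The file name is not visible on this page, but if this is the GRAT2 template the tag looks copied, and tag-based selection or reporting would attribute its hits to shad0w. Suggested: `tags: c2,ir,osint,grat2,jarm`.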
|
||||
|
|
|
@ -9,6 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/cedowens/C2-JARM
|
||||
- https://github.com/cedowens/MacC2
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: c2,ir,osint,macc2,jarm
|
||||
|
||||
tcp:
|
||||
|
|
|
@ -9,6 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/cedowens/C2-JARM
|
||||
- https://github.com/cedowens/MacShellSwift
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: c2,ir,osint,macshell,jarm
|
||||
|
||||
tcp:
|
||||
|
|
|
@ -9,6 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/cedowens/C2-JARM
|
||||
- https://merlin-c2.readthedocs.io/en/latest/
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: c2,ir,osint,merlin,jarm
|
||||
|
||||
tcp:
|
||||
|
|
|
@ -9,6 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/cedowens/C2-JARM
|
||||
- https://www.socinvestigation.com/shodan-filters-to-hunt-adversaries-infrastructure-and-c2/
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: c2,ir,osint,metasploit,jarm
|
||||
|
||||
tcp:
|
||||
|
|
|
@ -10,6 +10,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/cedowens/C2-JARM
|
||||
- https://www.socinvestigation.com/shodan-filters-to-hunt-adversaries-infrastructure-and-c2/
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: c2,ir,osint,mythic,jarm
|
||||
|
||||
tcp:
|
||||
|
|
|
@ -10,6 +10,8 @@ info:
|
|||
- - https://github.com/cedowens/C2-JARM
|
||||
- https://twitter.com/MichalKoczwara/status/1551639708949692416
|
||||
- https://poshc2.readthedocs.io/en/latest/
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: c2,ir,osint,posh,jarm
|
||||
|
||||
tcp:
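Review bot: The first reference entry in this hunk is shown as `- - https://github.com/cedowens/C2-JARM`; the hunk header counts (6 old, 8 new lines) make it a context line rather than a removal, so the doubled dash appears to be in the file. If so, YAML parses it as a one-element list nested inside `reference`, not a URL string like the two entries after it, and consumers expecting strings may drop or mis-render it. Suggested: `- https://github.com/cedowens/C2-JARM`. The `reference:` key itself is above the hunk, so confirm against the file.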
|
||||
|
|
|
@ -9,6 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/cedowens/C2-JARM
|
||||
- https://github.com/bats3c/shad0w
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: shad0w,c2,osint,ir,jarm
|
||||
|
||||
tcp:
|
||||
|
|
|
@ -9,6 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/cedowens/C2-JARM
|
||||
- https://github.com/byt3bl33d3r/SILENTTRINITY
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: silenttrinity,c2,osint,ir,jarm
|
||||
|
||||
tcp:
|
||||
|
|
|
@ -9,6 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/cedowens/C2-JARM
|
||||
- https://github.com/BishopFox/sliver
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: c2,ir,osint,sliver,jarm
|
||||
|
||||
tcp:
|
||||
|
|