TemplateMan Update [Tue Jul 18 08:23:15 UTC 2023] 🤖

network/jarm/c2/cobalt-strike-c2-jarm.yaml

@@ -5,12 +5,13 @@ info:
   author: pussycat0x
   severity: info
   description: |
-     Cobalt Strike gives you a post-exploitation agent and covert channels to emulate a quiet long-term embedded actor in your customer's network.
+    Cobalt Strike gives you a post-exploitation agent and covert channels to emulate a quiet long-term embedded actor in your customer's network.
   reference:
     - https://blog.sekoia.io/hunting-and-detecting-cobalt-strike/
   metadata:
-    verified: true
+    max-request: 1
     shodan-query: ssl.jarm:07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1+port:443
+    verified: true
   tags: jarm,c2,ir,osint
 
 tcp:

network/jarm/c2/covenant-c2-jarm.yaml

@@ -9,6 +9,8 @@ info:
   reference:
     - https://github.com/cedowens/C2-JARM
     - https://twitter.com/MichalKoczwara/status/1548685058403360770
+  metadata:
+    max-request: 1
   tags: c2,ir,osint,covenant,jarm
 
 tcp:

network/jarm/c2/deimos-c2-jarm.yaml

@@ -9,6 +9,8 @@ info:
   reference:
     - https://github.com/cedowens/C2-JARM
     - https://twitter.com/MichalKoczwara/status/1551632627387473920
+  metadata:
+    max-request: 1
   tags: c2,ir,osint,deimos,jarm,network
 
 tcp:

network/jarm/c2/evilginx2-jarm.yaml

@@ -9,6 +9,8 @@ info:
   reference:
     - https://github.com/cedowens/C2-JARM
     - https://github.com/kgretzky/evilginx2
+  metadata:
+    max-request: 1
   tags: evilginx2,c2,phishing,jarm
 
 tcp:

network/jarm/c2/grat2-c2-jarm.yaml

@@ -9,6 +9,8 @@ info:
   reference:
     - https://github.com/cedowens/C2-JARM
     - https://github.com/r3nhat/GRAT2
+  metadata:
+    max-request: 1
   tags: shad0w,c2,osint,ir,jarm
 
 tcp:

network/jarm/c2/mac-c2-jarm.yaml

@@ -9,6 +9,8 @@ info:
   reference:
     - https://github.com/cedowens/C2-JARM
     - https://github.com/cedowens/MacC2
+  metadata:
+    max-request: 1
   tags: c2,ir,osint,macc2,jarm
 
 tcp:

network/jarm/c2/macshell-c2-jarm.yaml

@@ -9,6 +9,8 @@ info:
   reference:
     - https://github.com/cedowens/C2-JARM
     - https://github.com/cedowens/MacShellSwift
+  metadata:
+    max-request: 1
   tags: c2,ir,osint,macshell,jarm
 
 tcp:

network/jarm/c2/merlin-c2-jarm.yaml

@@ -9,6 +9,8 @@ info:
   reference:
     - https://github.com/cedowens/C2-JARM
     - https://merlin-c2.readthedocs.io/en/latest/
+  metadata:
+    max-request: 1
   tags: c2,ir,osint,merlin,jarm
 
 tcp:

network/jarm/c2/metasploit-c2-jarm.yaml

@@ -9,6 +9,8 @@ info:
   reference:
     - https://github.com/cedowens/C2-JARM
     - https://www.socinvestigation.com/shodan-filters-to-hunt-adversaries-infrastructure-and-c2/
+  metadata:
+    max-request: 1
   tags: c2,ir,osint,metasploit,jarm
 
 tcp:

network/jarm/c2/mythic-c2-jarm.yaml

@@ -10,6 +10,8 @@ info:
   reference:
     - https://github.com/cedowens/C2-JARM
     - https://www.socinvestigation.com/shodan-filters-to-hunt-adversaries-infrastructure-and-c2/
+  metadata:
+    max-request: 1
   tags: c2,ir,osint,mythic,jarm
 
 tcp:

network/jarm/c2/posh-c2-jarm.yaml

@@ -10,6 +10,8 @@ info:
     - - https://github.com/cedowens/C2-JARM
     - https://twitter.com/MichalKoczwara/status/1551639708949692416
     - https://poshc2.readthedocs.io/en/latest/
+  metadata:
+    max-request: 1
   tags: c2,ir,osint,posh,jarm
 
 tcp:

network/jarm/c2/shad0w-c2-jarm.yaml

@@ -9,6 +9,8 @@ info:
   reference:
     - https://github.com/cedowens/C2-JARM
     - https://github.com/bats3c/shad0w
+  metadata:
+    max-request: 1
   tags: shad0w,c2,osint,ir,jarm
 
 tcp:

network/jarm/c2/silenttrinity-c2-jarm.yaml

@@ -9,6 +9,8 @@ info:
   reference:
     - https://github.com/cedowens/C2-JARM
     - https://github.com/byt3bl33d3r/SILENTTRINITY
+  metadata:
+    max-request: 1
   tags: silenttrinity,c2,osint,ir,jarm
 
 tcp:

network/jarm/c2/sliver-c2-jarm.yaml

@@ -9,6 +9,8 @@ info:
   reference:
     - https://github.com/cedowens/C2-JARM
     - https://github.com/BishopFox/sliver
+  metadata:
+    max-request: 1
   tags: c2,ir,osint,sliver,jarm
 
 tcp: