UNKNOWN
Common Information
Type Value
UUID 84aff268-c4d1-43e6-8daf-7d216e8673f4
Fingerprint afc49ead6ceabe0d
Analysis status IN_PROGRESS
Considered CTI value 0
Text language
Published None
Added to db Dec. 20, 2024, 2:54 p.m.
Last updated Dec. 23, 2024, 12:17 p.m.
Headline UNKNOWN
Title UNKNOWN
Detected Hints/Tags/Attributes 54/1/243
Source URLs
Attributes
Details Type #Events CTI Value
Details MITRE ATT&CK Techniques 100
T1132
Details MITRE ATT&CK Techniques 29
T1568
Details Url 2
https://github.com/swisskyrepo/payloadsallthethings/blob/master/methodology
Details Url 3
https://github.com/iagox86/dnscat2
Details Url 1
https://github.com/sensepost/godoh
Details Url 1
https://github.com/spiderlabs/dohc2
Details Url 1
https://sensepost.com/blog/2018/waiting-for-godoh
Details Url 1
https://community.rsa.com/t5/netwitness-blog/using-the-rsa-netwitness-platform-to-detect-c-c-godoh/ba-p/520484
Details Url 1
https://dns.google.com/resolve?name=force.tencent.com
Details Url 1
https://github.com/curl/curl/wiki/dns-over-https
Details Url 1
https://www.freebuf.com/articles/web/235651.html
Details Url 2
https://github.com/rebeyond/behinder
Details Url 2
https://github.com/antswordproject/antsword
Details Url 1
https://www.freebuf.com/news/189948.html
Details Url 1
https://www.cnblogs.com/nul1/p/15113996.html
Details Url 2
https://github.com/rsmudge/malleable-c2-profiles
Details Url 1
https://github.com/xx0hcd/malleable-c2-profiles
Details Url 2
https://posts.specterops.io/a-deep-dive-into-cobalt-strike-malleable-c2-6660e33b0e0b
Details Url 1
https://bluescreenofjeff.com/2016-06-28-cobalt-strike-http-c2-redirectors-with-apache-mod_rewrite
Details Url 1
https://www.anquanke.com/post/id/104784
Details Url 1
https://github.com/arno0x/wsc2
Details Url 1
https://www.blackhillsinfosec.com/command-and-control-with-websockets-wsc2
Details Url 3
https://github.com/ne0nd0g/merlin
Details Url 1
https://zhuanlan.zhihu.com/p/102561034
Details Url 1
https://www.cloudflare.com/zh-cn/learning/cdn/what-is-a-cdn
Details Url 1
https://infosecwriteups.com/finding-the-origin-ip-behind-cdns-37cd18d5275
Details Url 1
https://en.wikipedia.org/wiki/domain_fronting
Details Url 1
https://www.icir.org/vern/papers/meek-pets-2015.pdf
Details Url 1
https://evi1cg.me/archives/domain_fronting.html
Details Url 1
https://www.freebuf.com/articles/network/276159.html
Details Url 2
https://xz.aliyun.com/t/4509
Details Url 1
https://www.moonsec.com/archives/2928
Details Url 1
https://www.ntop.org/ndpi/how-to-detect-domain-hiding-a-k-a-as-domain-fronting
Details Url 1
https://www.zdnet.com/article/def-con-new-tool-brings-back-domain-fronting-as-domain-hiding
Details Url 1
https://github.com/sixgeninc/noctilucent
Details Url 1
https://github.com/ridter/domainhiding
Details Url 1
https://mp.weixin.qq.com/s/dfjzdf74u_ilrn9ylmikua
Details Url 1
https://xlab.tencent.com/cn/2021/05/14/domain-borrowing
Details Url 1
https://www.blackhat.com/asia-21/briefings/schedule/index.html#domain
Details Url 1
https://cobalt.io/blog/a-pentesters-guide-to-http-request-smuggling
Details Url 1
https://lab.wallarm.com/cloudflare-fixed-an-http-2-smuggling-vulnerability
Details Url 4
https://portswigger.net/web-security/request-smuggling
Details Url 1
https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn
Details Url 1
https://portswigger.net/web-security/request-smuggling/exploiting
Details Url 1
https://www.signalsciences.com/blog/detecting-and-mitigating-http-request-smuggling
Details Url 1
https://blog.securelayer7.net/http-request-smuggling
Details Url 1
https://www.akamai.com/blog/security/http-2-request-smulggling
Details Url 1
https://zh.wikipedia.org/wiki/tor
Details Url 1
https://2019.www.torproject.org/about/overview.html.en
Details Url 1
https://2019.www.torproject.org/docs/tor-onion-service
Details Url 1
https://www.microsoft.com/security/blog/2014/03/05/sefnits-tor-botnet-cc-details
Details Url 1
https://www.synack.com/blog/mac-malware-2016
Details Url 1
https://evi1cg.me/archives/tor_fronting.html
Details Url 1
https://www.mdsec.co.uk/2017/02/tor-fronting-utilising-hidden-services-for-privacy
Details Url 1
https://www.tor2web.org
Details Url 1
https://www.tor2web.to
Details Url 1
https://github.com/tor2web/tor2web
Details Url 1
https://gitlab.torproject.org/legacy/trac/-/wikis/doc/meek
Details Url 1
https://www.fireeye.com/blog/threat-research/2017/03/apt29_domain_frontin.html
Details Url 1
https://www.sentinelone.com/blog/privacy-2019-tor-meek-rise-fall-domain-fronting
Details Url 1
https://github.com/maldevel/canisrufus
Details Url 1
https://www.n00py.io/2019/06/introducing-slackor-a-remote-access-tool-using-slack-as-a-c2-channel
Details Url 1
https://github.com/n00py/slackor
Details Url 1
https://www.anquanke.com/post/id/86974
Details Url 1
https://pentestlab.blog/2017/08/03/command-and-control-gmail
Details Url 2
https://github.com/byt3bl33d3r/gcat
Details Url 2
https://github.com/maldevel/gdog
Details Url 1
https://pentestlab.blog/2017/09/26/command-and-control-twitter
Details Url 3
https://github.com/paulsec/twittor
Details Url 1
https://blog.blazeinfosec.com/bt2-leveraging-telegram-as-a-command-control-platform
Details Url 1
http://drops.xmd5.com/static/drops/tips-16142.html
Details Url 1
https://github.com/blazeinfosec/bt2
Details Url 1
https://pentestlab.blog/2017/08/29/command-and-control-dropbox
Details Url 1
https://truneski.github.io/post/2018/11/05/cobaltstrike-over-external-c2-via-dropbox
Details Url 2
https://github.com/0x09al/dropboxc2c
Details Url 2
https://github.com/arno0x/dbc2
Details Url 2
https://rhinosecuritylabs.com/aws/hiding-cloudcobalt-strike-beacon-c2-using-amazon-apis
Details Url 1
https://github.com/alphaseclab/awesome-rat
Details Url 1
https://blog.avast.com/a-deeper-look-into-malware-abusing-teamviewer
Details Url 1
https://www.malwaretech.com/2015/09/hidden-vnc-for-beginners.html
Details Url 1
https://securityintelligence.com/anatomy-of-an-hvnc-attack
Details Url 1
https://reaqta.com/2017/11/short-journey-darkvnc
Details Url 1
https://www.javatpoint.com/computer-network-tcp-ip-model
Details Url 1
https://www.hackingarticles.in/command-and-control-tunnelling-via-icmp
Details Url 1
https://pentestlab.blog/2017/07/28/command-and-control-icmp
Details Url 1
https://github.com/bdamele/icmpsh
Details Url 1
https://github.com/nocow4bob/pix-c2
Details Url 1
http://eelsivart.blogspot.com/2015/02/python-tty-reverse-shell-over-ipv6-one.html
Details Url 1
https://oscp.infosecsanyam.in/shells/reverse-shell-cheat-sheet
Details Url 2
https://www.zdnet.com/article/sly-malware-author-hides-cryptomining-botnet-behind-ever-shifting-proxy-service
Details Url 2
https://ngrok.com/download
Details Url 1
https://www.blackhillsinfosec.com/sshazam-hide-your-c2-inside-of-ssh
Details Url 1
https://en.wikipedia.org/wiki/port_knocking
Details Url 1
http://einverne.github.io/post/2019/07/how-to-use-port-knocking-hide-ssh-daemon-port.html
Details Url 1
https://www.rapid7.com/blog/post/2017/10/04/how-to-secure-ssh-server-using-port-knocking-on-ubuntu-linux
Details Url 1
http://www.cipherdyne.org/fwknop/docs/fwknop-tutorial.html
Details Url 1
https://github.com/mrash/fwknop
Details Url 2
https://attack.mitre.org/techniques/t1132
Details Url 6
https://attack.mitre.org/tactics/ta0011
Details Url 1
https://www.4hou.com/posts/l05w
Details Url 1
https://www.4hou.com/posts/nx5k
Details Url 1
https://f5.pm/go-33799.html
Details Url 1
https://www.cnblogs.com/kevingeorge/p/11301730.html
Details Url 1
https://attack.mitre.org/techniques/t1568/003
Details Url 1
https://www.bilibili.com/read/cv10665976
Details Url 1
https://www.topsec.com.cn/article/4797.html
Details Url 1
https://github.com/baderj/domain_generation_algorithms
Details Url 1
https://data.netlab.360.com/dga
Details Url 1
https://zvelo.com/domain-generation-algorithms-dgas
Details Url 1
https://jason-trost.medium.com/getting-started-with-dga-domain-detection-research-89af69213257
Details Url 1
https://attack.mitre.org/techniques/t1568/002
Details Url 1
https://mp.weixin.qq.com/s/95ejmjzbsvye1fuau2j_pq
Details Url 1
https://fortynorthsecurity.com/blog/azure-functions-functional-redirection
Details Url 1
https://blog.xpnsec.com/aws-lambda-redirector
Details Url 1
http://blog.nsfocus.net/cdn-faas
Details Url 1
https://www.anquanke.com/post/id/238142
Details Url 1
https://www.anquanke.com/post/id/239180
Details Url 1
https://www.anquanke.com/post/id/239640
Details Url 1
https://mp.weixin.qq.com/s/6nbrrjhffpcw4n90n8aura
Details Url 1
https://rhinosecuritylabs.com/aws/bypassing-ip-based-blocking-aws
Details Url 1
https://www.zdnet.com/article/microsoft-has-a-subdomain-hijacking-problem
Details Url 1
https://vullnerability.com/blog/microsoft-subdomain-account-takeover
Details Url 1
https://0xpatrik.com/subdomain-takeover-starbucks-ii
Details Url 3
https://www.hackerone.com/application-security/guide-subdomain-takeovers
Details Url 1
https://force.tencent.com
Details Url 1
https://force.tencent.com/docs/红蓝对抗之隐蔽通信应用及防御.pptx