UNKNOWN
Tags
Common Information
Type | Value |
---|---|
UUID | 84aff268-c4d1-43e6-8daf-7d216e8673f4 |
Fingerprint | afc49ead6ceabe0d |
Analysis status | IN_PROGRESS |
Considered CTI value | 0 |
Text language | |
Published | None |
Added to db | Dec. 20, 2024, 2:54 p.m. |
Last updated | Dec. 23, 2024, 12:17 p.m. |
Headline | UNKNOWN |
Title | UNKNOWN |
Detected Hints/Tags/Attributes | 54/1/243 |
Source URLs
Redirection | Url | |
---|---|---|
Details | Source | https://www.secrss.com/articles/34725 |
URL Provider
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | MITRE ATT&CK Techniques | 100 | T1132 |
Details | MITRE ATT&CK Techniques | 29 | T1568 |