ioc[.]one - OSINT Cyber Threat Intelligence Database

Post Exploitation - Sniff the Target's Encrypted Traffic in Clear-Text

Tags

attack-pattern:

Data Hooking - T1617 Network Devices - T1584.008 Ssh - T1021.004 Tool - T1588.002 Hooking - T1179 Hooking

Show in Graph

Common Information

Type	Value
UUID	fc967ae3-a0de-4a0a-b6ca-f6dc8dcf829d
Fingerprint	3655737f68223df5
Analysis status	DONE
Considered CTI value	1
Text language
Published	April 25, 2017, 8:34 p.m.
Added to db	Jan. 18, 2023, 9:22 p.m.
Last updated	Nov. 17, 2024, 11:36 p.m.
Headline	NetWitness Community
Title	Post Exploitation - Sniff the Target's Encrypted Traffic in Clear-Text
Detected Hints/Tags/Attributes	41/1/9

Source URLs

	Redirection	Url
Details	Source	https://community.rsa.com/community/products/netwitness/blog/2017/04/25/post-exploitation-capture-the-targets-encrypted-traffic-in-clear-text

URL Provider

Details	Provider	Source level domain
Details	rsa.com	community.rsa.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1175		gmail.com
Details	Email	1		someone@gmail.com
Details	File	2		netripper.rb
Details	File	2		netripper.cpp
Details	File	17		dll.dll
Details	File	199		firefox.exe
Details	File	55		putty.exe
Details	File	1		_pr_write.txt
Details	Threat Actor Identifier - APT	297		APT27