imjdl blog

Perpetual student, continual incremental improvement.

Preview Image

An analysis of CobaltStrike phishing site detection (chinese)

Attention This article was written while I was in the 360 Quake Team. Copyright © qihoo 360. 浅析 CobaltStrike Beacon Staging Server 扫描 0x01 前言对网络空间测绘数据的分析和发掘，是Quake团队一直以来的核心目标。近期，我们留意到有国外安全研究...

Jun 21, 2021 Hunter, CobaltStrike

Preview Image

Analysis of CobaltStrike Team Server Scanning (chinese)

Attention This article was written while I was in the 360 Quake Team. Copyright © qihoo 360. 前言 Cobalt Strike 是由Strategic Cyber公司开发的一款商业化渗透测试工具。该软件具有简单易用、可扩展性高等优点，并且具备团队协作等特点，因此被广大黑客、白帽子和安全研究人员等...

Apr 15, 2021 Hunter, CobaltStrike

Preview Image

Analysis of open source honeypot identification and network-wide mapping (chinese)

Attention This article was written while I was in the 360 Quake Team. Copyright © qihoo 360. 0x01 前言蜜罐是网络红蓝攻防对抗中检测威胁的重要产品。防守方常常利用蜜罐分析攻击行为、捕获漏洞、甚至反制攻击者。攻击方可以通过蜜罐识别技术来发现和规避蜜罐。因此，我们有必要站在红队攻击者的角度出发...

Jan 17, 2021 Hunter, honeypot

Preview Image

TLS server-side tagging using JARM fingerprinting (chinese)

Attention This article was written while I was in the 360 Quake Team. Copyright © qihoo 360. 0x01 背景对网络空间测绘数据的分析和发掘，是Quake团队一直以来的核心目标。十几年来Web应用的飞速发展使其毋庸置疑的成为了互联网的主流。为了弥补Web应用和HTTP协议的各类安全问题，HT...

Dec 14, 2020 Hunter, Jarm

Preview Image

Analysis of CobaltStrike Beacon Staging Server Scanning (chinese)

Attention This article was written while I was in the 360 Quake Team. Copyright © qihoo 360. 浅析 CobaltStrike Beacon Staging Server 扫描 0x01 前言对网络空间测绘数据的分析和发掘，是Quake团队一直以来的核心目标。近期，我们留意到有国外安全...

Dec 14, 2020 Hunter, honeypot

1
...
3
4
5
6
4 / 6