Hunting for Cobalt Strike in PCAP

#Cobalt Strike #CobaltStrike #Triage #JA3 #a0e9f5d64349fb13191bc781f81f42e1 #ThreatFox #CapLoader

In this video I analyze a pcap file containing network traffic from Cobalt Strike Beacon using CapLoader. The pcap file and the Cobalt Strike malware config can be downloaded from Recorded Future's Triage sandbox. Cobalt Strike Beacon configs can also be extracted locally with the help of Didier Stevens' 1768.py[...]

Read the full writeup in the blog post "Hunting for Cobalt Strike in PCAP".