Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-09Twitter (@sixdub)Justin Warner
@online{warner:20220109:malicious:69c6805, author = {Justin Warner}, title = {{Tweet on malicious document used by Gamaredon aka DEV-0157}}, date = {2022-01-09}, organization = {Twitter (@sixdub)}, url = {https://twitter.com/sixdub/status/1480188400795803652}, language = {English}, urldate = {2022-01-18} } Tweet on malicious document used by Gamaredon aka DEV-0157
2021-04-07Medium sixdubJustin Warner
@online{warner:20210407:using:a7d19fd, author = {Justin Warner}, title = {{Using Kaitai Struct to Parse Cobalt Strike Beacon Configs}}, date = {2021-04-07}, organization = {Medium sixdub}, url = {https://sixdub.medium.com/using-kaitai-to-parse-cobalt-strike-beacon-configs-f5f0552d5a6e}, language = {English}, urldate = {2021-04-09} } Using Kaitai Struct to Parse Cobalt Strike Beacon Configs
Cobalt Strike
2019-07-23GigamonKristina Savelesky, Ed Miles, Justin Warner
@online{savelesky:20190723:abadbabe:061c7a8, author = {Kristina Savelesky and Ed Miles and Justin Warner}, title = {{ABADBABE 8BADF00D: Discovering BADHATCH and a Detailed Look at FIN8’s Tooling}}, date = {2019-07-23}, organization = {Gigamon}, url = {https://atr-blog.gigamon.com/2019/07/23/abadbabe-8badf00d-discovering-badhatch-and-a-detailed-look-at-fin8s-tooling/}, language = {English}, urldate = {2020-02-09} } ABADBABE 8BADF00D: Discovering BADHATCH and a Detailed Look at FIN8’s Tooling
PoSlurp Powersniff
2018-06-07GigamonChenming Xu, Jason Jones, Justin Warner, Dan Caselden
@online{xu:20180607:adobe:5bedebc, author = {Chenming Xu and Jason Jones and Justin Warner and Dan Caselden}, title = {{Adobe Flash Zero-Day Leveraged for Targeted Attack in Middle East - Gigamon ATR Blog}}, date = {2018-06-07}, organization = {Gigamon}, url = {https://www.icebrg.io/blog/adobe-flash-zero-day-targeted-attack}, language = {English}, urldate = {2019-07-22} } Adobe Flash Zero-Day Leveraged for Targeted Attack in Middle East - Gigamon ATR Blog
Chainshot