BlueHat v17 || Using TLS Certificates to Track Activity Groups

•Download as PPTX, PDF•

1 like•714 views

Mark Parsons, Microsoft As the internet moves to encryption for standard protocols we have seen malware also following that trend by using TLS certificates for encrypting C2 communications. Using open source scanning data projects like Shodan, Censys and Rapid 7 sonar we will discuss ways to use this scanning data. This talk will go over examples of using TLS certificates for tracking multiple activity groups and their infrastructure , ways to find popular post exploitation frameworks and some examples of getting to know your own environment

Technology

https://scans.io/study/sonar.ssl
https://censys.io
https://community.riskiq.com
https://www.circl.lu/services/passive-ssl/

Recently uploaded

SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal

TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey

Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3

Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed

DMCC Future of Trade Web3 - Special EditionDubai Multi Commodity Centre

Advanced Computer Architecture – An IntroductionDilum Bandara

How to write a Business Continuity PlanDatabarracks

A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3

Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University

The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3

Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation

DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada

Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays

Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3

DevEX - reference for building teams, processes, and platformsSergiu Bodiu

TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc

Recently uploaded (20)

SAP Build Work Zone - Overview L2-L3.pptx

TeamStation AI System Report LATAM IT Salaries 2024

Unleash Your Potential - Namagunga Girls Coding Club

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx

Scanning the Internet for External Cloud Exposures via SSL Certs

DMCC Future of Trade Web3 - Special Edition

Advanced Computer Architecture – An Introduction

How to write a Business Continuity Plan

A Deep Dive on Passkeys: FIDO Paris Seminar.pptx

Nell’iperspazio con Rocket: il Framework Web di Rust!

The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx

Connect Wave/ connectwave Pitch Deck Presentation

DSPy a system for AI to Write Prompts and Do Fine Tuning

New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024

Digital Identity is Under Attack: FIDO Paris Seminar.pptx

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack

Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx

DevEX - reference for building teams, processes, and platforms

TrustArc Webinar - How to Build Consumer Trust Through Data Privacy