This video shows how Cobalt Strike and Hancitor C2 traffic can be detected using CapLoader. I bet you're going: 😱 OMG he's analyzing Windows malware on a Windows PC!!! Relax, I know what I'm doing. I have also taken the precaution of analyzing the PCAP file[...]
Read the full writeup in the blog post Detecting Cobalt Strike and Hancitor traffic in PCAP.