Hot Topics

Accept-Encoding

Finding SolarWinds / SUNBURST backdoors with Zeek, Suricata, & Corelight

Detecting CVE-2021-31166 – HTTP vulnerability

| | Accept-Encoding, Corelight Labs, CVE-202131166, GitHub, http, http.log, HTTP.sys, Network Security, network security monitoring, network traffic analysis, network visibility, SOAP, SolarWinds, SUNBURST, WinRM, Zeek
By Ben Reardon, Corelight Security Researcher In this blog we aim to provide a little insight into part of the lifecycle of Corelight Lab’s response to a critical HTTP vulnerability. We’ve open-sourced ...
Bright Ideas Blog
Pony using curl to set: Accept-Encoding: identity, *;q=0

Detecting the Pony Trojan with RegEx using CapLoader

| | Accept-Encoding, curl, EmergingThreats, ids, Malware, malware-traffic-analysis.net, pony, quality factor, regex, regular expressions, rfc2616, rfc7231, snort, Suricata, trojan, video, videotutorial
This short video demonstrates how you can search through PCAP files with regular expressions (regex) using CapLoader and how this can be leveraged in order to improve IDS signatures. Your browser does ...
NETRESEC Network Security Blog

Secure Guardrails