Since we published about identifying Cobalt Strike Team Servers in the wild just over three years ago, we’ve collected over 128,000 beacons from over 24,000 active Team Servers. Today, RIFT is making this extensive beacon dataset publicly available in combination with the open-source release of dissect.cobaltstrike, our Python library for studying and parsing Cobalt Strike … Continue reading Mining data from Cobalt Strike beacons
Tag: Python
CertPortal: Building Self-Service Secure S/MIME Provisioning Portal
tl;dr NCC Group's Research & Development team designed and built CertPortal, which allows users to create and manage S/MIME certificates, automating registration and renewal to allow enterprise-scale deployment. The core of the system integrates DigiCert to create an S/MIME certificate and then storing both the certificate, the password, creation and expiry dates in … Continue reading CertPortal: Building Self-Service Secure S/MIME Provisioning Portal
ZigTools: An Open Source 802.15.4 Framework
This research was originally performed by researchers from iSec Partners (now NCC Group), and has been migrated to research.nccgroup.com for posterity. ZigTools: An Open Source 802.15.4 Framework 04 Aug 2014 - Mike Warner ZigTools is a Python framework, which was developed to reduce the complexity in writing additional functionality in communicating with a Freakduino (a … Continue reading ZigTools: An Open Source 802.15.4 Framework
Tool Release: SSLyze v0.8 released
This research was originally performed by researchers from iSec Partners (now NCC Group), and has been migrated to research.nccgroup.com for posterity. SSLyze v0.8 released 30 Dec 2013 - Alban Diquet A new version of SSLyze is now available. SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. Changelog … Continue reading Tool Release: SSLyze v0.8 released
Tool Release: Redirecting traffic with dnsRedir.py
This research was originally performed by researchers from iSec Partners (now NCC Group), and has been migrated to research.nccgroup.com for posterity. Redirecting traffic with dnsRedir.py 05 Sep 2013 - Tim Newsham Often while performing network protocol testing, we want to be able to redirect traffic going to a legitimate server to a server of our … Continue reading Tool Release: Redirecting traffic with dnsRedir.py
SSLyze v0.7 Released
SSLyze v0.7 Released 14 Aug 2013 - Alban Diquet A new version of SSLyze is now available. SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. Changelog: Complete rewrite of the OpenSSL wrapper as a C extension. SSLyze is now statically linked with the latest version of OpenSSL instead of … Continue reading SSLyze v0.7 Released
Tool Release: tcpprox
This research was originally performed by researchers from iSec Partners (now NCC Group), and has been migrated to research.nccgroup.com for posterity. Tool Release: tcpprox 21 Feb 2013 - Tim Newsham Tcpprox is a simple command line tcp proxy written in Python. It is designed to have very minimal requirements - it runs directly from Python (tested … Continue reading Tool Release: tcpprox