This section lists all the documentation I used to write my technical writeups. It is mainly a way to keep track of everything in case I forget, and it can also be useful later on for cross-referencing between them.


Sources

  • Checkpoint
  • Silentpush
  • Hasherezade
  • Smukx aka Whitecat18
  • https://cocomelonc.github.io/page2/

Topic ideas:

  • Tracking infrastructure: BPH (bulletproof hosting)
  • Retrieve the DROP list from shse and monitor any change in DNS records
  • Match discovered ASNs against the Hurricane Electric database to see whether they have any peering partners
  • Look for BPH indicators: Crescendo (WHOIS, DNS, ASN and organisation records; patterns in domains and in the structure of the hosted pages (find a common skeleton?); patterns in content (what is useful and what is impractical for our use cases))
  • Test various kinds of tools (and build some); for the tests, take a random BPH IP range
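One way to implement the "monitor any change in DNS records" idea above, combined with checking new records against a watched IP range, as an added example that is not part of the original notes: compare a stored snapshot of each domain's records against a fresh resolution, report what was added or removed, and flag any new A/AAAA record that falls inside a watched prefix. The snapshots and the watched prefix are constructed sample data (documentation address ranges standing in for a real BPH range); a real run would populate them from a resolver and a prefix list.

```python
"""Baseline/diff DNS monitor for a domain watchlist (added example, runs offline)."""
import ipaddress
from dataclasses import dataclass, field

# Constructed sample data: a previously stored snapshot and a fresh resolution.
# Records are (type, value) pairs as a resolver would return them.
BASELINE = {
    "example.com": {("A", "192.0.2.10"), ("NS", "ns1.example.net.")},
    "example.org": {("A", "203.0.113.5"), ("MX", "mail.example.org.")},
}
CURRENT = {
    "example.com": {("A", "198.51.100.7"), ("NS", "ns1.example.net.")},
    "example.org": {("A", "203.0.113.5"), ("MX", "mail.example.org.")},
    "new-domain.example": {("A", "198.51.100.9")},
}
# Placeholder watched prefix (documentation range) standing in for a BPH range list.
WATCHED_PREFIXES = [ipaddress.ip_network("198.51.100.0/24")]


@dataclass
class Change:
    """Record-level delta for one domain between two snapshots."""
    domain: str
    added: set
    removed: set
    in_watched: set = field(default_factory=set)  # new addresses inside a watched prefix


def normalize(records):
    """Canonicalise records so cosmetic differences (case, trailing dot) do not count as changes."""
    return {(rtype.upper(), value.lower().rstrip(".")) for rtype, value in records}


def in_watched(value, watched):
    """True if value parses as an IP address inside one of the watched prefixes."""
    try:
        ip = ipaddress.ip_address(value)
    except ValueError:  # hostnames (NS/MX targets) are never range matches
        return False
    return any(ip in net for net in watched)


def diff_snapshots(baseline, current, watched):
    """Return a Change per domain whose record set differs; new domains count as all-added."""
    changes = []
    for domain in sorted(set(baseline) | set(current)):
        old = normalize(baseline.get(domain, set()))
        new = normalize(current.get(domain, set()))
        added, removed = new - old, old - new
        if not added and not removed:
            continue
        hits = {v for t, v in added if t in ("A", "AAAA") and in_watched(v, watched)}
        changes.append(Change(domain, added, removed, hits))
    return changes


def report(changes):
    """Human-readable lines, one per change, flagging watched-range hits."""
    lines = []
    for c in changes:
        flag = " [WATCHED RANGE: %s]" % ", ".join(sorted(c.in_watched)) if c.in_watched else ""
        lines.append("%s +%s -%s%s" % (c.domain, sorted(c.added), sorted(c.removed), flag))
    return lines


if __name__ == "__main__":
    for line in report(diff_snapshots(BASELINE, CURRENT, WATCHED_PREFIXES)):
        print(line)
```

Persisting the normalized snapshot after each run and feeding the next run's diff into the same function is what turns this into a monitor; the normalization step matters because resolvers differ in case and trailing-dot handling and would otherwise produce spurious changes on every run.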

  • Detection / threat hunting: one-shot honeypot lab
  • Write a one-shot script to deploy the lab (Ansible, bash? …)
  • Incorporate at least three detection engines: Suricata, YARA, Sigma
  • Find the most cost-effective infrastructure

  • Reverse engineering and malware analysis: Rust for maldev, Hasherezade's repo
  • Writeup about Struppigel's courses? MAOS books?
  • Create a repo covering several languages: language name - malware type - malware variant - malware techniques
  • Develop tools to automate manual tasks (Go/Rust/Python)
