donkey<p><a href="https://unfufadoo.net/tags/donkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>donkey</span></a> <a href="https://unfufadoo.net/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://unfufadoo.net/tags/memes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>memes</span></a> <a href="https://unfufadoo.net/tags/VoteBlueToSaveDemocracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VoteBlueToSaveDemocracy</span></a> <a href="https://unfufadoo.net/tags/photos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>photos</span></a> <a href="https://unfufadoo.net/tags/Democrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Democrat</span></a> <a href="https://unfufadoo.net/tags/images" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>images</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
wandering.shop is one of the many independent Mastodon servers you can use to participate in the fediverse.
Wandering.Shop aims to have the vibe of a quality coffee shop at a busy SF&F Convention. Think tables of writers, fans and interested passers-by sharing drinks and conversation on a variety of topics.
Administered by:
Server stats:
870active users
wandering.shop: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#blueteam
7 posts · 5 participants · 0 posts today
donkey<p><a href="https://unfufadoo.net/tags/donkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>donkey</span></a> <a href="https://unfufadoo.net/tags/memes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>memes</span></a> <a href="https://unfufadoo.net/tags/VoteBlueToSaveDemocracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VoteBlueToSaveDemocracy</span></a> <a href="https://unfufadoo.net/tags/photos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>photos</span></a> <a href="https://unfufadoo.net/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://unfufadoo.net/tags/Democrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Democrat</span></a> <a href="https://unfufadoo.net/tags/images" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>images</span></a></p>
donkey<p><a href="https://unfufadoo.net/tags/donkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>donkey</span></a> <a href="https://unfufadoo.net/tags/photos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>photos</span></a> <a href="https://unfufadoo.net/tags/VoteBlueToSaveDemocracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VoteBlueToSaveDemocracy</span></a> <a href="https://unfufadoo.net/tags/images" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>images</span></a> <a href="https://unfufadoo.net/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://unfufadoo.net/tags/memes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>memes</span></a> <a href="https://unfufadoo.net/tags/Democrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Democrat</span></a></p>
donkey<p><a href="https://unfufadoo.net/tags/donkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>donkey</span></a> <a href="https://unfufadoo.net/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://unfufadoo.net/tags/photos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>photos</span></a> <a href="https://unfufadoo.net/tags/VoteBlueToSaveDemocracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VoteBlueToSaveDemocracy</span></a> <a href="https://unfufadoo.net/tags/Democrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Democrat</span></a> <a href="https://unfufadoo.net/tags/images" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>images</span></a> <a href="https://unfufadoo.net/tags/memes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>memes</span></a></p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>Loki is an open-source malware scanner designed for threat detection. It uses YARA rules, IOC pattern matching, and file system anomaly detection to identify malicious files and artifacts. Ideal for quick triage, not full AV replacement. <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/Neo23x0/Loki" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/Neo23x0/Loki</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴☠️</p>
CrowdSec<p>Get started with the CrowdSec WAF: <a href="https://doc.crowdsec.net/docs/next/appsec/intro" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">doc.crowdsec.net/docs/next/app</span><span class="invisible">sec/intro</span></a></p><p>Virtual Patching WAF collection: <a href="https://app.crowdsec.net/hub/author/crowdsecurity/collections/appsec-virtual-patching" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">app.crowdsec.net/hub/author/cr</span><span class="invisible">owdsecurity/collections/appsec-virtual-patching</span></a> [3/3]</p><p><a href="https://infosec.exchange/tags/CrowdSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CrowdSec</span></a> <a href="https://infosec.exchange/tags/CTI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CTI</span></a> <a href="https://infosec.exchange/tags/CyberThreatIntelligence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberThreatIntelligence</span></a> <a href="https://infosec.exchange/tags/CVE202427292" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE202427292</span></a> <a href="https://infosec.exchange/tags/Docassemble" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Docassemble</span></a> <a href="https://infosec.exchange/tags/ExploitAlert" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ExploitAlert</span></a> <a href="https://infosec.exchange/tags/PathTraversal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PathTraversal</span></a> <a href="https://infosec.exchange/tags/OpenSourceSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSourceSecurity</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/BlueTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BlueTeam</span></a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThreatIntel</span></a></p>
Lenin alevski 🕵️💻<p>How can a DNS mail record be used to trick you into giving up your login credentials? 📨😕</p><p>Researchers at Infoblox have identified a phishing-as-a-service (PhaaS) platform called Morphing Meerkat that’s been quietly operating for over five years. What makes it notable is its use of DNS MX (Mail Exchange) records in ways rarely reported before. Instead of the usual static phishing page setups, Morphing Meerkat queries the victim’s email provider’s MX record—using DNS-over-HTTPS via Google or Cloudflare—to tailor the phishing page dynamically. This means victims are shown spoofed login interfaces that mimic the exact service they use, complete with matching branding and pre-filled email fields.</p><p>The platform supports more than 114 brand templates and uses obfuscated JavaScript to evade detection. It also includes built-in translation capabilities based on browser profile or geolocation, making the fake login pages appear native to the user's language. Earlier versions began in 2020 targeting just five email services (Gmail, Outlook, Yahoo, AOL, Office 365). By mid-2023, they could generate phishing pages dynamically using MX records and now operate in over a dozen languages.</p><p>Morphing Meerkat campaigns rely on a set of centralized email servers, primarily hosted by UK ISP iomart and US-based HostPapa, indicating a coordinated infrastructure rather than a loose network of attackers. The phishing emails often impersonate trusted services—banks, shipping companies, etc.—and are distributed using compromised WordPress sites, open redirects from platforms like Google’s DoubleClick, and embedded links in shortened URLs.</p><p>Once a user submits credentials, the system may display a fake “Invalid Password” error to lure them into re-entering data, after which they are redirected to the real login page. This not only reduces suspicion but also increases the chance of capturing correct credentials. Stolen data is sent back via AJAX, PHP scripts, or Telegram bots, sometimes with evidence removed in real-time.</p><p>This operation shows a deep understanding of modern security blind spots—including how content delivery and DNS infrastructure can be turned against end users.</p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴☠️</p>
RDP Snitch<p>2025-03-28 RDP <a href="https://infosec.exchange/tags/Honeypot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Honeypot</span></a> IOCs - 181569 scans<br>Thread with top 3 features in each category and links to the full dataset<br><a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DFIR</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a></p><p>Top IPs:<br>138.199.24.6 - 91545<br>156.146.57.110 - 42849<br>156.146.57.52 - 10716</p><p>Top ASNs:<br>AS60068 - 93561<br>AS212238 - 64269<br>AS135161 - 10653</p><p>Top Accounts:<br>hello - 181455<br>Test - 33<br>eltons - 15</p><p>Top ISPs:<br>DataCamp Limited - 93561<br>Datacamp Limited - 64269<br>GMO-Z.COM PTE. LTD. - 10653</p><p>Top Clients:<br>Unknown - 181569</p><p>Top Software:<br>Unknown - 181569</p><p>Top Keyboards:<br>Unknown - 181569</p><p>Top IP Classification:<br>hosting & proxy - 160374<br>hosting - 10710<br>Unknown - 10440</p><p>Pastebin links with full 24-hr RDP Honeypot IOC Lists:<br><a href="https://pastebin.com/BiF6s8Jh" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">pastebin.com/BiF6s8Jh</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/CyberSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSec</span></a> <a href="https://infosec.exchange/tags/SOC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SOC</span></a> <a href="https://infosec.exchange/tags/Blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Blueteam</span></a> <a href="https://infosec.exchange/tags/SecOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecOps</span></a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a></p>
Tim (Wadhwa-)Brown :donor:<p>A colleague of mine is looking for <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> SOC and IR folks to talk playbooks with as part of her PhD. Ping me if you might be interested and I can share the details.</p>
donkey<p><a href="https://unfufadoo.net/tags/donkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>donkey</span></a> <a href="https://unfufadoo.net/tags/kamala2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kamala2024</span></a> <a href="https://unfufadoo.net/tags/VoteBlueToSaveDemocracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VoteBlueToSaveDemocracy</span></a> <a href="https://unfufadoo.net/tags/Democrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Democrat</span></a> <a href="https://unfufadoo.net/tags/MastodonForHarris" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MastodonForHarris</span></a> <a href="https://unfufadoo.net/tags/images" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>images</span></a> <a href="https://unfufadoo.net/tags/memes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>memes</span></a> <a href="https://unfufadoo.net/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://unfufadoo.net/tags/photos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>photos</span></a></p>
Mike Sheward<p>Mini Blue Team Diaries story: </p><p>There was a break-in over the weekend at one of our US offices. We occupied one floor of a shared office building, and two crooks managed to get in by going to an open floor above ours and breaking a lock on the fire escape.</p><p>Rather brilliantly, a building security guard was doing rounds and actually caught the pair stuffing iPads from conference rooms into a rucksack. However, when challenged they claimed to be employees and were left alone.</p><p>Anyway they ended up with about a half dozen iPads from Zoom rooms. Annoying but not the end of the world.</p><p>Those iPads were clearly sold on, as they were connected to an MDM server and started to pop up in locations all over the city over the course of the next week.</p><p>One of them was especially interesting. Because it was connected to our MDM Apple ID, it was syncing files to iCloud. This included photos. We noticed a lot of selfies of one particular dude show up. The dude looked a lot like one of the guys who we’d seen in our office on our security cameras. Yup.</p><p>We of course passed on all the information, including the location of the selfie generating iPad, to law enforcement.</p><p>I wish there was a more interesting ending - but they never followed up on the lead, of course. So the iPads lived on, slowly filling up with various photos and memories from the crook and the people they’d been sold on to.</p><p>Read more, slightly less mini stories, at infosecdiaries.com</p><p><a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DFIR</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/InfoSecDiaries" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSecDiaries</span></a> <a href="https://infosec.exchange/tags/BlueTeam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BlueTeam</span></a></p>
donkey<p><a href="https://unfufadoo.net/tags/donkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>donkey</span></a> <a href="https://unfufadoo.net/tags/photos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>photos</span></a> <a href="https://unfufadoo.net/tags/kamala2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kamala2024</span></a> <a href="https://unfufadoo.net/tags/Democrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Democrat</span></a> <a href="https://unfufadoo.net/tags/memes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>memes</span></a> <a href="https://unfufadoo.net/tags/images" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>images</span></a> <a href="https://unfufadoo.net/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://unfufadoo.net/tags/VoteBlueToSaveDemocracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VoteBlueToSaveDemocracy</span></a> <a href="https://unfufadoo.net/tags/MastodonForHarris" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MastodonForHarris</span></a></p>
donkey<p><a href="https://unfufadoo.net/tags/donkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>donkey</span></a> <a href="https://unfufadoo.net/tags/images" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>images</span></a> <a href="https://unfufadoo.net/tags/VoteBlueToSaveDemocracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VoteBlueToSaveDemocracy</span></a> <a href="https://unfufadoo.net/tags/photos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>photos</span></a> <a href="https://unfufadoo.net/tags/MastodonForHarris" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MastodonForHarris</span></a> <a href="https://unfufadoo.net/tags/Democrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Democrat</span></a> <a href="https://unfufadoo.net/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://unfufadoo.net/tags/kamala2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kamala2024</span></a> <a href="https://unfufadoo.net/tags/memes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>memes</span></a></p>
donkey<p><a href="https://unfufadoo.net/tags/donkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>donkey</span></a> <a href="https://unfufadoo.net/tags/photos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>photos</span></a> <a href="https://unfufadoo.net/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://unfufadoo.net/tags/images" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>images</span></a> <a href="https://unfufadoo.net/tags/Democrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Democrat</span></a> <a href="https://unfufadoo.net/tags/MastodonForHarris" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MastodonForHarris</span></a> <a href="https://unfufadoo.net/tags/kamala2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kamala2024</span></a> <a href="https://unfufadoo.net/tags/memes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>memes</span></a> <a href="https://unfufadoo.net/tags/VoteBlueToSaveDemocracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VoteBlueToSaveDemocracy</span></a></p>
Sajid Nawaz Khan :donor:<p>For hobbyist Cobalt Strike Beacon collectors, note that the recently announced 4.11 update introduces a number of changes to frustrate Beacon configuration extraction, namely through the new `transform-obfuscate` field.</p><p>When set, this field can apply multiple layers of encoding, encryption and compression (with some recent Beacons observed with a 32 byte XOR key, configurable upto 2048 bytes!).</p><p>While still reasonably trivial to decode manually, standard automated workflows (say, through the SentinelOne parser) will now fail, not least because of changes to the well-known field markers.</p><p>Beacons with these characteristics have thus far been observed with watermarks indicative of licensed instances, though I imagine it is only a matter of time before the 4.11 capabilities become accessible to all manner of miscreants.</p><p>A sample configuration, via a staged Beacon on 104.42.26[.]200 is attached, including the three distinct XOR keys used to decode it.</p><p><a href="https://www.cobaltstrike.com/blog/cobalt-strike-411-shh-beacon-is-sleeping" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cobaltstrike.com/blog/cobalt-s</span><span class="invisible">trike-411-shh-beacon-is-sleeping</span></a></p><p><a href="https://infosec.exchange/tags/cobaltstrike" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cobaltstrike</span></a> <a href="https://infosec.exchange/tags/malwareanalysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malwareanalysis</span></a> <a href="https://infosec.exchange/tags/forensics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>forensics</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a></p>
donkey<p><a href="https://unfufadoo.net/tags/donkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>donkey</span></a> <a href="https://unfufadoo.net/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://unfufadoo.net/tags/memes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>memes</span></a> <a href="https://unfufadoo.net/tags/MastodonForHarris" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MastodonForHarris</span></a> <a href="https://unfufadoo.net/tags/images" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>images</span></a> <a href="https://unfufadoo.net/tags/Democrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Democrat</span></a> <a href="https://unfufadoo.net/tags/VoteBlueToSaveDemocracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VoteBlueToSaveDemocracy</span></a> <a href="https://unfufadoo.net/tags/photos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>photos</span></a> <a href="https://unfufadoo.net/tags/kamala2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kamala2024</span></a></p>
donkey<p><a href="https://unfufadoo.net/tags/donkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>donkey</span></a> <a href="https://unfufadoo.net/tags/MastodonForHarris" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MastodonForHarris</span></a> <a href="https://unfufadoo.net/tags/Democrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Democrat</span></a> <a href="https://unfufadoo.net/tags/memes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>memes</span></a> <a href="https://unfufadoo.net/tags/photos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>photos</span></a> <a href="https://unfufadoo.net/tags/images" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>images</span></a> <a href="https://unfufadoo.net/tags/VoteBlueToSaveDemocracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VoteBlueToSaveDemocracy</span></a> <a href="https://unfufadoo.net/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://unfufadoo.net/tags/kamala2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kamala2024</span></a></p>
donkey<p><a href="https://unfufadoo.net/tags/donkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>donkey</span></a> <a href="https://unfufadoo.net/tags/photos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>photos</span></a> <a href="https://unfufadoo.net/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://unfufadoo.net/tags/images" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>images</span></a> <a href="https://unfufadoo.net/tags/MastodonForHarris" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MastodonForHarris</span></a> <a href="https://unfufadoo.net/tags/VoteBlueToSaveDemocracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VoteBlueToSaveDemocracy</span></a> <a href="https://unfufadoo.net/tags/Democrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Democrat</span></a> <a href="https://unfufadoo.net/tags/kamala2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kamala2024</span></a> <a href="https://unfufadoo.net/tags/memes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>memes</span></a></p>
donkey<p><a href="https://unfufadoo.net/tags/donkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>donkey</span></a> <a href="https://unfufadoo.net/tags/images" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>images</span></a> <a href="https://unfufadoo.net/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://unfufadoo.net/tags/VoteBlueToSaveDemocracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VoteBlueToSaveDemocracy</span></a> <a href="https://unfufadoo.net/tags/photos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>photos</span></a> <a href="https://unfufadoo.net/tags/MastodonForHarris" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MastodonForHarris</span></a> <a href="https://unfufadoo.net/tags/kamala2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kamala2024</span></a> <a href="https://unfufadoo.net/tags/Democrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Democrat</span></a> <a href="https://unfufadoo.net/tags/memes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>memes</span></a></p>
donkey<p>Thank you to everyone in our community! Here's our top favorited post as of now:</p><p><a href="https://unfufadoo.net/tags/donkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>donkey</span></a> <a href="https://unfufadoo.net/tags/memes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>memes</span></a> <a href="https://unfufadoo.net/tags/photos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>photos</span></a> <a href="https://unfufadoo.net/tags/images" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>images</span></a> <a href="https://unfufadoo.net/tags/kamala2024" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kamala2024</span></a> <a href="https://unfufadoo.net/tags/blueteam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blueteam</span></a> <a href="https://unfufadoo.net/tags/MastodonForHarris" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MastodonForHarris</span></a> <a href="https://unfufadoo.net/tags/Democrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Democrat</span></a> <a href="https://unfufadoo.net/tags/VoteBlueToSaveDemocracy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VoteBlueToSaveDemocracy</span></a></p><p>Favorites: 20<br><a href="https://unfufadoo.net/@donkey/113261800526367560" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">unfufadoo.net/@donkey/11326180</span><span class="invisible">0526367560</span></a></p><p><a href="https://unfufadoo.net/tags/image" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>image</span></a> <a href="https://unfufadoo.net/tags/meme" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>meme</span></a> <a href="https://unfufadoo.net/tags/mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mastodon</span></a> <a href="https://unfufadoo.net/tags/community" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>community</span></a> <a href="https://unfufadoo.net/tags/toots" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>toots</span></a> <a href="https://unfufadoo.net/tags/highlights" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>highlights</span></a></p>
SearchLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
LoginDrag & drop to upload