Trisul Network Analytics
Developer Zone

User Tools

Site Tools

You are here: Home » script » Detecting covert channels in X.509 Digital Certificates using the Trisul LUA API
Trace: Simple Business Dashboard Setting up a GRE Tunnel to send Netflow to remote machine Detecting covert channels in X.509 Digital Certificates using the Trisul LUA API

Sidebar

Developer Zone

LUA Scripting

Usage Tips

Github Repos

Follow us on Twitter @trisulnsm

script:x509_ext_c2

**This is an old revision of the document!** ----

A PCRE internal error occured. This might be caused by a faulty plugin

====== Detecting covert channels in X.509 Digital Certificates using the Trisul LUA API ====== I saw a couple of blogs about a new way to create a C2 (Command and Control) channel using X.509 Certificates. This technique is described in _Abusing X.509 Certificates for Covert Data Exchange_ ((Dark Reading https://www.darkreading.com/attacks-breaches/abusing-x509-digital-certificates-for-covert-data-exchange/d/d-id/1330984?_mc=sm_dr&hootPostID=a10970e131beaf9b5a7ac86b0564b114))

script/x509_ext_c2.1518110533.txt.gz · Last modified: 2018/02/08 17:22 by veera

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki