social.kyiv.dcomm.net.ua is one of the many independent Mastodon servers you can use to participate in the fediverse.
The Kyiv instance is part of https://dcomm.net.ua. Ukrainian local Mastodon instances were deployed in 9 Ukrainian cities in August-September 2022.

#threatintel

12 posts, 10 participants, 0 posts today
Christoffer S.<p>I just published the source code for my very naive <a href="https://swecyb.com/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Python</span></a> implementation for generating a node network based on MITRE Intrusion Sets and Techniques. It will output linked <a href="https://swecyb.com/tags/Markdown" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Markdown</span></a> files linking intrusion sets to their used techniques.</p><p>Perhaps someone finds it useful or interesting to experiment with.</p><p>Source code: <a href="https://github.com/cstromblad/markdown_node" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/cstromblad/markdown</span><span class="invisible">_node</span></a></p><p>I hinted at this in a thread started by <span class="h-card" translate="no"><a href="https://mastodon.social/@Viss" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Viss</span></a></span> where he asked for input on a few very likely malicious domains. 
Me <span class="h-card" translate="no"><a href="https://mastodon.social/@Viss" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Viss</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@cR0w" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>cR0w</span></a></span> <span class="h-card" translate="no"><a href="https://masto.deoan.org/@neurovagrant" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>neurovagrant</span></a></span> and others did some OSINT fun work with a couple of the original domains.</p><p>It was this thread: <a href="https://mastodon.social/@Viss/114145122623079635" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastodon.social/@Viss/11414512</span><span class="invisible">2623079635</span></a></p><p>Now I posted a picture of a node network rendered in Obsidian and I hinted that perhaps Obsidian could be used as a poor man's version of performing threat intelligence work.</p><p><a href="https://swecyb.com/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThreatIntel</span></a> <a href="https://swecyb.com/tags/ThreatIntelligence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ThreatIntelligence</span></a> <a href="https://swecyb.com/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://swecyb.com/tags/Obsidian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Obsidian</span></a></p>
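Added example, not taken from the post or from the linked repository: a minimal Python sketch of the idea described above, turning the intrusion-set "uses" technique relationships of an ATT&CK-style STIX 2.x bundle into Markdown notes joined by Obsidian-style [[wikilinks]]. The sample bundle, its ids, and the function names note_name, build_notes and write_notes are assumptions made for illustration.

```python
import json
import re
from collections import defaultdict
from pathlib import Path

# Constructed sample in the STIX 2.x shape used by MITRE ATT&CK bundles.
# All ids and the group name are invented for this example.
SAMPLE_BUNDLE = json.loads("""
{"type": "bundle", "id": "bundle--example", "objects": [
 {"type": "intrusion-set", "id": "intrusion-set--a1", "name": "Example Group"},
 {"type": "attack-pattern", "id": "attack-pattern--b1", "name": "Phishing",
  "external_references": [{"source_name": "mitre-attack", "external_id": "T1566"}]},
 {"type": "attack-pattern", "id": "attack-pattern--b2", "name": "Retired/Technique",
  "revoked": true},
 {"type": "relationship", "id": "relationship--c1", "relationship_type": "uses",
  "source_ref": "intrusion-set--a1", "target_ref": "attack-pattern--b1"},
 {"type": "relationship", "id": "relationship--c2", "relationship_type": "uses",
  "source_ref": "intrusion-set--a1", "target_ref": "attack-pattern--b2"},
 {"type": "relationship", "id": "relationship--c3", "relationship_type": "uses",
  "source_ref": "intrusion-set--a1", "target_ref": "malware--not-in-bundle"}]}
""")

def note_name(obj):
    """Note title that is safe as a filename and as a [[wikilink]] target."""
    ext = next((r.get("external_id") for r in obj.get("external_references", [])
                if r.get("source_name") == "mitre-attack"), None)
    title = f"{ext} {obj['name']}" if ext else obj["name"]
    return re.sub(r'[\\/:*?"<>|#^\[\]]', "-", title).strip()

def build_notes(bundle):
    """Return {note title: Markdown body}, linking groups and techniques both ways."""
    # Skip revoked/deprecated objects so stale techniques do not become nodes.
    objs = {o["id"]: o for o in bundle["objects"]
            if not o.get("revoked") and not o.get("x_mitre_deprecated")}
    links = defaultdict(set)
    for rel in objs.values():
        if rel["type"] != "relationship" or rel.get("relationship_type") != "uses":
            continue
        src, dst = objs.get(rel["source_ref"]), objs.get(rel["target_ref"])
        if src and dst and (src["type"], dst["type"]) == ("intrusion-set", "attack-pattern"):
            links[note_name(src)].add(note_name(dst))   # group -> technique
            links[note_name(dst)].add(note_name(src))   # backlink
    return {title: f"# {title}\n\n" + "".join(f"- [[{t}]]\n" for t in sorted(targets))
            for title, targets in links.items()}

def write_notes(notes, out_dir):
    """Write one .md file per note into out_dir (an Obsidian vault folder)."""
    out = Path(out_dir)
    out.mkdir(parents=True, exist_ok=True)
    for title, body in notes.items():
        (out / f"{title}.md").write_text(body, encoding="utf-8")
```

Calling write_notes(build_notes(SAMPLE_BUNDLE), "vault") produces two notes that link to each other; the revoked technique and the relationship pointing outside the bundle produce no nodes.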
Brian Clark<p>The free service from portmap.io is being abused to support malware C2 communications. If you don’t use it, I suggest blocking *.portmap.io via DNS, NGFW and/or web proxy.</p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>threatintel</span></a> </p><p>From: <span class="h-card" translate="no"><a href="https://infosec.exchange/@ScumBots" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ScumBots</span></a></span><br><a href="https://infosec.exchange/@ScumBots/114167879065509347" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@ScumBots/114</span><span class="invisible">167879065509347</span></a></p>