TShark & jq, (Sat, Jan 8th)
TShark (Wireshark's command-line version) can output JSON data, as shown in diary entry "Quicktip: TShark's…
Day: January 10, 2022
Extracting Cobalt Strike Beacons from MSBuild Scripts, (Sun, Jan 9th)
There is also a video of this analysis. Renato gives an extensive analysis of MSBuild…
ISC Stormcast For Monday, January 10th, 2022 https://isc.sans.edu/podcastdetail.html?id=7828, (Mon, Jan 10th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.