Pinned · Michael Koczwara · Cobalt Strike PowerShell Payload Analysis · I have spotted this interesting tweet from Malwar3Ninja and decided to take a look and analyse the Cobalt Strike PowerShell payload. · 8 min read · Sep 1, 2021
Pinned · Michael Koczwara · Cobalt Strike Hunting — DLL Hijacking/Attack Analysis · DLL Hijacking via Cobalt Strike · 6 min read · Aug 17, 2021
Pinned · Michael Koczwara · Cobalt Strike Hunting — Malleable C2 jQuery profile & rundll32 Analysis · Malleable C2 — jQuery profiles. · 4 min read · Aug 5, 2021
Pinned · Michael Koczwara · Cobalt Strike Hunting — simple PCAP and Beacon Analysis · Legit healthcare company. · 4 min read · Jul 21, 2021
Michael Koczwara in Detect FYI · Hunting Malicious Infrastructure-Headers and Hardcoded/Static Strings · In my last blog Hunting Malicious Infrastructure using JARM and HTTP Response · 3 min read · Dec 5, 2023
Michael Koczwara · Threat Intel-Pivoting using Censys · Hunting malicious infrastructure: Muddy Water Cyberespionage Threat Actor from Iran 🇮🇷 · 3 min read · Nov 5, 2023
Michael Koczwara · APT 29 Initial Access Killchain -MITRE ATT@CK Mapping · APT29/Nobelium Initial Access & ATT@CK Mapping · 3 min read · May 23, 2023
Michael Koczwara in Detect FYI · Hunting Malicious Infrastructure using JARM and HTTP Response · Hunting QBot C2 and Brute Ratel C4 Infrastructure · 4 min read · May 16, 2023
Michael Koczwara · Malicious DLL Analysis · Static/Dynamic Analysis and Reversing · 9 min read · Feb 20, 2023