Monitoring Threat Actors Cobalt Strike C2 Infrastructure with Shodan

Threat Intel Tips and Shodan queries

ReliableSite, Leaseweb, ITL-Bulgaria, and HostKey Infrastructure are good examples but you can also look for and monitor other ISP’s/orgs.


org:”ReliableSite.Net LLC” port:”443" HTTP/1.1 404 Not Found Content-Length: 0




Security Researcher [RED&BLUE]

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} US Taxi Simulator Hack Free Resources Generator

How To Prepare Your Account For The NEW Dust Release

How to get suspended from school at 13.


{UPDATE} Dress Up, Girls, Back Hack Free Resources Generator

How to end digital identity theft

Using Blur to enhance your online privacy

WordPress Security Fundamentals

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Michael Koczwara

Michael Koczwara

Security Researcher [RED&BLUE]

More from Medium

Hunting for samAccountName Spoofing (CVE-2021–42278) & Domain Controller Impersonation…

The VilNE Project

Attack Analysis — Cobalt Strike C2 & Hancitor/Malware

The Basics of Threat Modeling (Part I)