sud0woodo

Category: Network Detection

Developing Urgent11 Detection with Suricata

Summary: In July of 2019 Armis released a technical whitepaper detailing numerous vulnerabilities found in devices running VxWorks. Since this post is not about explaining what VxWorks is, or why the vulnerabilities are so impactful, I will leave you with this link to the post that Armis put out in July. Since I’m developing Suricata […]

Suriflaska – Flask server for testing Snort / Suricata rules

This post is a small follow-up on the network detection theme that I have been posting on for the last couple of months. Recently I got more into writing rules for detecting network threats and wanted to create something similar to what is used in some bigger blue team companies. So without going too much into the whys, […]

Detecting the SpeakUp Trojan using Snort

On February 4th, Check Point Research released a post about a new undetected Trojan that was part of a new campaign, exploiting Linux servers. Check Point Research dubbed this Trojan ‘SpeakUp’. The Trojan exploits known vulnerabilities in six different Linux distributions. The malware developer was correlated with ‘Zettabit’ due to it having a lot in […]
