Detecting PureLogs traffic with CapLoader

CapLoader includes a feature for Port Independent Protocol Identification (PIPI), which can detect which protocol is being used inside TCP and UDP sessions without relying on the port number. In this video CapLoader identifies the PureLogs C2 protocol. The PureLogs protocol detection was added to […]

NETRESEC Network Security Blog