Tag: Suricata


Bilibili Tech
Jan 17, 2023 · Information Security

Botnet Threat Analysis and Detection Strategies: PBot, Xanthe and Countermeasures

The article gives a technical overview of modern botnet threats, covering the PBot and Xanthe families, their infection vectors and command-and-control operations. It then presents practical detection, mitigation, and statistical analysis methods for defending against large-scale DDoS, spam, and other malicious activity driven by these botnets.

Detection · Suricata · botnet
17 min read
Bilibili Tech
Nov 4, 2022 · Information Security

Analysis of Sliver C2 Tool Traffic Features and Detection Rules for Snort/Suricata

The paper systematically analyzes the Sliver C2 framework's HTTP and HTTPS traffic, detailing the URL, cookie, and parameter patterns of its beacons as well as the JA3/JA3S TLS fingerprints of its client and server. It presents Snort and Suricata rules, validated against captured traffic, that detect Sliver beacons, and discusses the evasion challenges those rules face and how the same fingerprinting approach applies to emerging malware tools.

C2 detection · JA3 · Snort
17 min read
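The abstract above relies on JA3 fingerprints as one of the detection features. As an added example that is not part of the paper and does not use any Sliver-specific values, the Python below builds a constructed TLS ClientHello, parses it back, and computes the JA3 string and MD5 hash exactly as the public JA3 algorithm specifies (version, cipher suites, extension types, supported groups, and EC point formats, with GREASE values dropped). It then emits a Suricata rule template that matches that hash via the `ja3.hash` sticky buffer. The cipher, extension, and group values are sample choices, not a fingerprint of any real client, and `build_client_hello`, `parse_client_hello`, `ja3_from_record`, and `suricata_rule` are names chosen here.

```python
import hashlib
import struct

# GREASE values (RFC 8701): 0x0a0a, 0x1a1a, ..., 0xfafa. JA3 excludes them.
GREASE = {0x0A0A + 0x1010 * i for i in range(16)}


def build_client_hello(version, ciphers, extensions):
    """Constructed TLS record carrying a ClientHello. extensions: list of (type, payload)."""
    body = struct.pack(">H", version)
    body += b"\x00" * 32                       # client random (zeros, constructed input)
    body += b"\x00"                            # session id length 0
    body += struct.pack(">H", 2 * len(ciphers))
    body += b"".join(struct.pack(">H", c) for c in ciphers)
    body += b"\x01\x00"                        # one compression method: null
    ext_bytes = b"".join(struct.pack(">HH", t, len(p)) + p for t, p in extensions)
    body += struct.pack(">H", len(ext_bytes)) + ext_bytes
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack(">H", len(handshake)) + handshake


def parse_client_hello(record):
    """Return (version, ciphers, extension types, supported groups, point formats)."""
    if record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    hs = record[5:]
    if hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    pos = 0
    version = struct.unpack_from(">H", body, pos)[0]; pos += 2
    pos += 32                                  # skip random
    pos += 1 + body[pos]                       # skip session id
    cs_len = struct.unpack_from(">H", body, pos)[0]; pos += 2
    ciphers = [struct.unpack_from(">H", body, pos + i)[0] for i in range(0, cs_len, 2)]
    pos += cs_len
    pos += 1 + body[pos]                       # skip compression methods
    ext_types, groups, point_formats = [], [], []
    if pos < len(body):
        ext_len = struct.unpack_from(">H", body, pos)[0]; pos += 2
        end = pos + ext_len
        while pos < end:
            etype, elen = struct.unpack_from(">HH", body, pos); pos += 4
            data = body[pos:pos + elen]; pos += elen
            ext_types.append(etype)
            if etype == 0x000A:                # supported_groups
                n = struct.unpack_from(">H", data, 0)[0]
                groups = [struct.unpack_from(">H", data, 2 + i)[0] for i in range(0, n, 2)]
            elif etype == 0x000B:              # ec_point_formats
                point_formats = list(data[1:1 + data[0]])
    return version, ciphers, ext_types, groups, point_formats


def ja3_string(version, ciphers, ext_types, groups, point_formats):
    """JA3: 'Version,Ciphers,Extensions,EllipticCurves,EllipticCurvePointFormats' in decimal."""
    no_grease = lambda vals: [v for v in vals if v not in GREASE]
    return ",".join([
        str(version),
        "-".join(str(c) for c in no_grease(ciphers)),
        "-".join(str(e) for e in no_grease(ext_types)),
        "-".join(str(g) for g in no_grease(groups)),
        "-".join(str(p) for p in point_formats),
    ])


def ja3_from_record(record):
    s = ja3_string(*parse_client_hello(record))
    return s, hashlib.md5(s.encode()).hexdigest()


def suricata_rule(ja3_md5, msg, sid):
    """Suricata rule template matching a JA3 hash (needs tls ja3-fingerprints enabled)."""
    return (f'alert tls any any -> any any (msg:"{msg}"; flow:established,to_server; '
            f'ja3.hash; content:"{ja3_md5}"; sid:{sid}; rev:1;)')


# Constructed sample: TLS 1.2 hello with GREASE in ciphers, groups and extensions.
SNI = struct.pack(">HBH", 14, 0, 11) + b"example.com"
SAMPLE_RECORD = build_client_hello(
    0x0303,
    [0x1A1A, 0x1301, 0xC02B, 0x002F],
    [
        (0x0000, SNI),                                          # server_name
        (0x000A, struct.pack(">HHHH", 6, 0x2A2A, 0x001D, 0x0017)),  # supported_groups
        (0x000B, b"\x01\x00"),                                  # ec_point_formats
        (0x0017, b""),                                          # extended_master_secret
        (0xFAFA, b""),                                          # GREASE extension
    ],
)

if __name__ == "__main__":
    s, h = ja3_from_record(SAMPLE_RECORD)
    print("JA3 string:", s)
    print("JA3 hash:  ", h)
    print(suricata_rule(h, "Constructed JA3 example client", 1000001))
```

The JA3 string for the sample is `771,4865-49195-47,0-10-11-23,29-23,0`; the GREASE cipher, group and extension are dropped, which is why the same client yields the same hash across connections even though GREASE values rotate. For Suricata to populate the `ja3.hash` buffer, `app-layer.protocols.tls.ja3-fingerprints` must be set to `yes` in suricata.yaml. Because JA3 only hashes the ClientHello, a tool that lets the operator change its TLS stack or cipher list changes the hash, which is the evasion limitation the paper notes.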