“thought it would be interesting to take a look at what the network traffic looks like from the device. And then afterward install TikTok and see what the communication looks like from it. Device baseline analysis to start, I wanted to see what remote hosts the phone attempted to …”
T1040 Network Sniffing
94%
“point. Note that there were no other devices associated with the access point. There are many options to analyze pcaps. Wireshark is by far the most popular, and I use it quite a bit. I also like to use command-line tools a fair amount too as in my opinion, they are easier to g…”
T1095 Non-Application Layer Protocol
73%
“pcap open in Wireshark, let’s take a look at the protocol hierarchy and see if there are other protocols besides HTTP and TLS we should investigate. This can be found under the statistics menu. It’s expected that the vast majority of the traffic from the phone will be HTTP an…”
T1071.001 Web Protocols
70%
“enter the IP address and port that was configured in Burp Suite. Once my phone was communicating through Burp, I rebooted it to see if the same traffic from the pcap would show up in Burp. The d2to8y50b3n6dq.cloudfront.net domain appeared to be used to download a certificate st…”
Summary
Derek Banks // I recently heard something on the news that caught my attention. I suppose that isn’t abnormal these days, but this in particular was the first time I […]