Hunting Impacket: Part 2

Hunting Impacket Part 2

Impacket Overview Welcome back. This is part two of our blog series covering the Impacket example tools. Impacket is a collection of Python classes focused on providing tools to understand and manipulate low-level network protocols. This capability enables you to craft or decode packets of a wide variety of protocols such as IP, TCP, UDP, […]

Hunting Impacket: Part 1

Hunting Impacket

Impacket Overview Impacket is a collection of Python classes focused on providing tools to understand and manipulate low-level network protocols. This capability enables you to craft or decode packets of a wide variety of protocols such as IP, TCP, UDP, ICMP, and even higher-level protocols like SMB, MSRPC, NetBIOS, and others.One of the key strengths […]

SnapAttack ThreatLabs: How to Detect CVE-2023-46214

How to Detect CVE-2023-46214 SnapAttack ThreatLabs

Authored by Trenton Tait Threat Researcher at SnapAttack Linkedin Table of Contents: Intro + Overview Exploitation Example MITRE Mitigations Conclusion Detections, Attack Captures, and Resources CVE-2023-46214 is identified as a Remote Code Execution (RCE) vulnerability within Splunk Enterprise, as reported in the Splunk security advisory SVD-2023-1104 on November 16, 2023. Successful exploitation of this vulnerability […]