Attack Infrastructure

From command and control to phishing domains and relays, a threat actor needs infrastructure to perform effective attacks.


TL;DR: use Splunk as a central log database and analysis system for offensive infrastructure logs. In many engagements, you will want accurate logging across multiple RAT systems, phishing web servers, mail systems, and more. Currently only supports Cobalt Strike, but will be looking at supporting Empire, Pupy, Metasploit, Apache, Nginx, …