This post analyses a suspicious IP address found in my previous post on Amadey Bot malware, and uses Shodan and Censys to pivot to additional Amadey infrastructure.

Here you'll see how to use a known C2 to craft additional queries based on HTML content and certificate information. In total, 12 unique servers will be identified.