Analysing a suspicious IP address found in my previous post on Amadey Bot malware. Utilising Shodan and Censys to pivot to additional Amadey infrastructure.
Here you'll see how to use a known C2 to craft additional queries based on HTML content and certificate information. In total, 12 unique servers will be identified.
Analysis of Amadey Bot Infrastructure Using Shodan