flightsim icon indicating copy to clipboard operation
flightsim copied to clipboard
verified publisher icon alphasoc

Extend c2 module to generate malicious JARM fingerprints

Open chrisforce1 opened this issue 4 years ago • 0 comments

It seems we can spoof JARM server fingerprints, i.e.

https://grimminck.medium.com/spoofing-jarm-signatures-i-am-the-cobalt-strike-server-now-a27bd549fc6b

The idea would be to set up a TLS server and have flightsim interact with it to generate the bad JARM fingerprint.

chrisforce1 avatar Jan 18 '21 20:01 chrisforce1