Wednesday, October 28, 2009

Wireshark Plugin for Mariposa Botnet Command and Control

Spread the word about Defence Intelligence. Sharing is caring.

"Yamata Li of the Palo Alto Networks Threat Research Team has developed a Wireshark plugin that will allow you to view obfuscated pcaps of traffic from a Mariposa infected client and actually decrypt them within Wireshark."


http://www.paloaltonetworks.com/researchcenter/2009/10/mariposa-tool/

Thanks Yamata, the time and effort you have put into this plug-in is much appreciated. 

B.Kilrea
Threat Analyst

No comments: