Wednesday, October 28, 2009

Wireshark Plugin for Mariposa Botnet Command and Control

"Yamata Li of the Palo Alto Networks Threat Research Team has developed a Wireshark plugin that will allow you to view obfuscated pcaps of traffic from a Mariposa infected client and actually decrypt them within Wireshark."

Thanks Yamata, the time and effort you have put into this plug-in is much appreciated. 

Threat Analyst

No comments: