Robot | Path | Permission |
GoogleBot | / | ✔ |
BingBot | / | ✔ |
BaiduSpider | / | ✔ |
YandexBot | / | ✔ |
Title | Justin Warner – |
Description | Using Kaitai Struct to Parse Cobalt Strike Beacon Read writing from Justin Warner on Medium. Tech: Threat Intel | Photographer @ https://www.justinwarnerphoto.com. Every day, Justin Warner and thousands of other voices read, write, and share important stories on |
Keywords | N/A |
WebSite | sixdub.net |
Host IP | 216.239.36.21 |
Location | United States |
Site | Rank |
US$1,911
Last updated: 2023-05-12 18:42:37
sixdub.net has Semrush global rank of 0. sixdub.net has an estimated worth of US$ 1,911, based on its estimated Ads revenue. sixdub.net receives approximately 220 unique visitors each day. Its web server is located in United States, with IP address 216.239.36.21. According to SiteAdvisor, sixdub.net is safe to visit. |
Purchase/Sale Value | US$1,911 |
Daily Ads Revenue | US$1 |
Monthly Ads Revenue | US$52 |
Yearly Ads Revenue | US$635 |
Daily Unique Visitors | 14 |
Note: All traffic and earnings values are estimates. |
Host | Type | TTL | Data |
sixdub.net. | A | 3598 | IP: 216.239.36.21 |
sixdub.net. | A | 3598 | IP: 216.239.38.21 |
sixdub.net. | A | 3598 | IP: 216.239.32.21 |
sixdub.net. | A | 3598 | IP: 216.239.34.21 |
sixdub.net. | AAAA | 3598 | IPV6: 2001:4860:4802:34::15 |
sixdub.net. | AAAA | 3598 | IPV6: 2001:4860:4802:38::15 |
sixdub.net. | AAAA | 3598 | IPV6: 2001:4860:4802:32::15 |
sixdub.net. | AAAA | 3598 | IPV6: 2001:4860:4802:36::15 |
sixdub.net. | NS | 21600 | NS Record: ns-cloud-d1.googledomains.com. |
sixdub.net. | NS | 21600 | NS Record: ns-cloud-d3.googledomains.com. |
sixdub.net. | NS | 21600 | NS Record: ns-cloud-d4.googledomains.com. |
sixdub.net. | NS | 21600 | NS Record: ns-cloud-d2.googledomains.com. |
sixdub.net. | MX | 3600 | MX Record: 10 alt4.aspmx.l.google.com. |
sixdub.net. | MX | 3600 | MX Record: 10 alt3.aspmx.l.google.com. |
sixdub.net. | MX | 3600 | MX Record: 5 alt1.aspmx.l.google.com. |
sixdub.net. | MX | 3600 | MX Record: 1 aspmx.l.google.com. |
sixdub.net. | MX | 3600 | MX Record: 5 alt2.aspmx.l.google.com. |
sixdub.net. | TXT | 1800 | TXT Record: google-site-verification=Y_rfYa6mGCsCHdRBz7tnxnGtRSeZCJWvRs41gMPkcNk |
Open in app Sign up Sign In Write Sign up Sign In Justin Warner 67 Followers Home About Apr 6, 2021 Using Kaitai Struct to Parse Cobalt Strike Beacon Configs I have seen a definite uptick in security researchers hunting Cobalt Strike servers, and tweeting/sharing indicators or config data. There are two popular config parsing methods I have seen: the Nmap NSE script written by @notwhickey and the Sentinel One parser by @gal_kristal (yes, I am aware many organizations have… Beacons 9 min read Beacons 9 min read Jul 23, 2018 Do You Miss Being a Red Teamer? It is a question that gets posed to me pretty frequently: “Do you miss being a red teamer?” If you came all the way to my blog to see the answer, I will save you some time and from reading a couple hundred words — No. The real meaning of… Red Team 3 min read Red Team 3 min read Apr 5, 2017 Infrastructure Diversity — Hunting In Shared Infrastructure As an attacker, it is all too easy to settle down into a rhythm. That rhythm of |
HTTP/1.1 302 Found Location: https://medium.com/@sixdub Date: Sun, 19 Dec 2021 19:59:05 GMT Content-Type: text/html; charset=UTF-8 Server: ghs Content-Length: 223 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN HTTP/2 301 date: Sun, 19 Dec 2021 19:59:06 GMT content-type: text/plain; charset=utf-8 content-length: 60 location: https://sixdub.medium.com/ cf-ray: 6c03359da9c31a38-EWR cache-control: no-cache, no-store, max-age=0, must-revalidate set-cookie: uid=lo_c348a089102f; Domain=medium.com; Path=/; Expires=Mon, 19 Dec 2022 19:59:05 GMT; HttpOnly; Secure; SameSite=None strict-transport-security: max-age=15552000; includeSubDomains; preload vary: Accept, Accept-Encoding cf-cache-status: DYNAMIC content-security-policy: frame-ancestors 'self' https://medium.com expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" medium-fulfilled-by: edgy/8.2.0, valencia/main-20211216-182945-b7ff92d7c2, lite/main-20211217-225647-88b7fd1f88, rito/main-20211217-204320-9fccb0cea4, tutu/main-20211216-214733-d60259fedb medium-missing-time: 67 worker-missing-cookies: 3 x-content-type-options: nosniff x-envoy-upstream-service-time: 181 x-request-received-at: 1639943945920 set-cookie: sid=1%3AaJWWEi%2B5FRdNR4PlerA2qz7ZyYl1sv%2BcZGHa4dAgBv0m3H3bv5100mKO8PYZISWs; Domain=medium.com; Path=/; Expires=Mon, 19 Dec 2022 19:59:05 GMT; HttpOnly; Secure; SameSite=None set-cookie: optimizelyEndUserId=lo_c348a089102f; Domain=medium.com; Path=/; Expires=Mon, 19 Dec 2022 19:59:05 GMT; Secure; SameSite=None set-cookie: __cfruid=5184754296dfa40d05a00328f073c1d4ae964301-1639943946; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None server: cloudflare alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 HTTP/2 200 date: Sun, 19 Dec 2021 19:59:07 GMT content-type: text/html; charset=utf-8 cf-ray: 6c03359f5baf17a5-EWR cache-control: no-cache, no-store, max-age=0, must-revalidate set-cookie: uid=lo_29d2059fd0f3; Domain=medium.com; Path=/; Expires=Mon, 19 Dec 2022 19:59:06 GMT; HttpOnly; Secure; SameSite=None strict-transport-security: max-age=15552000; includeSubDomains; preload vary: Accept-Encoding cf-cache-status: DYNAMIC content-security-policy: frame-ancestors 'self' https://medium.com expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" medium-fulfilled-by: edgy/8.2.0, valencia/main-20211216-182945-b7ff92d7c2, lite/main-20211217-225647-88b7fd1f88, rito/main-20211217-204320-9fccb0cea4, tutu/main-20211216-214733-d60259fedb medium-missing-time: 156 worker-missing-cookies: 3 x-content-type-options: nosniff x-envoy-upstream-service-time: 859 x-request-received-at: 1639943946187 set-cookie: sid=1%3ALS27mgKj9%2FIb3%2F5hmoEzFsgKaXmGkYx8ezsXB%2FZupkCuhqMXPsIAE6xLRqQulaSW; Domain=medium.com; Path=/; Expires=Mon, 19 Dec 2022 19:59:06 GMT; HttpOnly; Secure; SameSite=None set-cookie: optimizelyEndUserId=lo_29d2059fd0f3; Domain=medium.com; Path=/; Expires=Mon, 19 Dec 2022 19:59:06 GMT; Secure; SameSite=None set-cookie: __cfruid=75f94fe132011ea0fc683f17958214f9cb8e40cf-1639943947; path=/; domain=.medium.com; HttpOnly; Secure; SameSite=None server: cloudflare alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 |
Domain Name: SIXDUB.NET Registry Domain ID: 1871534760_DOMAIN_NET-VRSN Registrar WHOIS Server: whois.google.com Registrar URL: http://domains.google.com Updated Date: 2021-08-18T07:50:37Z Creation Date: 2014-08-18T03:12:38Z Registry Expiry Date: 2022-08-18T03:12:38Z Registrar: Google LLC Registrar IANA ID: 895 Registrar Abuse Contact Email: registrar-abuse@google.com Registrar Abuse Contact Phone: +1.8772376466 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: NS-CLOUD-D1.GOOGLEDOMAINS.COM Name Server: NS-CLOUD-D2.GOOGLEDOMAINS.COM Name Server: NS-CLOUD-D3.GOOGLEDOMAINS.COM Name Server: NS-CLOUD-D4.GOOGLEDOMAINS.COM DNSSEC: unsigned >>> Last update of whois database: 2021-12-23T07:47:52Z <<< |