threatintel - Cybervandals | a Blog on modern DDoS

Jun 13, 2024 analysis blueteam hacktivism killnet noname threatintel

DDoS-Attacks on EU-Insitutions by russian activist, analyzed and summarized

TL;DR: While attacks are ongoing and are problem for some institutions, most defenders could go with Geofencing, and we did not saw widespread coordinated

Nov 24, 2023 advanced attack ddos layer7 no_AI purehuman redteam threatintel

Fuzzing Smugglers / A dive into attacking WAFs

Utilizing a blend of header smuggling and header fuzzing, sophisticated HTTP attack techniques can effectively deliver DDoS payloads, either by evading detection by Web Application Firewalls (WAFs) or by targeting the WAF-encoders themselves

Oct 25, 2023 analysis blueteam booter ddos defence mitigation purehuman no_AI threatintel

New Tactics from Booterservices

New TTP allows booterservice to mitigate GeoFencing

Oct 23, 2023 analysis advanced blueteam defence ddos layer7 no_AI purehuman redteam threatintel tools protocol http2

HTTP/2 attacks measured (Floods and RapidReset)

a comparison of HTTP/2 RapidReset vector-potential vs established vectors: IoT/HTTP/2 Multiplexing

Oct 10, 2023 advanced analysis blueteam ddos defence no_AI purehuman redteam threatintel tools

Layer-7 Bots capabilities (IoT vs PseudoBrowser vs Browser)

A comparison of IoT-Bots, Pseudobrowsers and Browserbots used in Layer-7-DDoS-Attacks