TGI HUNT VulnTesting Domain (kryptoslogic-cve-2021-44228 .com in TLS SNI)

SID: 2610216Rev: 116 views
History
Sourcetgreen/hunting
CreatedMarch 19, 2025
UpdatedMarch 19, 2025
Classificationtrojan-activity
alert tls $HOME_NET any -> $EXTERNAL_NET any (msg:"TGI HUNT VulnTesting Domain (kryptoslogic-cve-2021-44228 .com in TLS SNI)"; flow:established,to_server; tls_sni; content:"kryptoslogic-cve-2021-44228.com"; isdataat:!1,relative; nocase; reference:url,gist.github.com/travisbgreen/3f7ddcd5841d802e536d5854e2218e8c; classtype:trojan-activity; sid:2610216; rev:1;)

References

urlgist.github.com/travisbgreen/3f7ddcd5841d802e536d5854e2218e8c

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!