Threat Hunting Beyond Your Boundary With Open Source Tools: Automating With Python and Shodan
Description
While not commonly considered a threat-hunting tool, Shodan can help discover malicious trust relationships between internal and external hosts. This week’s #TechTalkTuesday leverages CISA’s recent top 16 Chinese APT CVEs advisory and SHIFT, a Python tool we open-sourced at our RSAC conference talk last week, to look for internal IPs in a packet capture file that are communicating with vulnerable external hosts.
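The correlation described above, sketched as an added example (this is not SHIFT's code): internal-to-external pairs are pulled from flow records and matched against host data shaped like the `vulns` field of a Shodan host lookup. The flow tuples, host records, placeholder CVE IDs, the RFC 1918 definition of "internal", and the `hunt` function name are all assumptions constructed for illustration.

```python
import ipaddress

# Assumption: "internal" means RFC 1918 space; adjust to your own ranges.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed flows (src, dst, dst_port), as if extracted from a capture.
FLOWS = [
    ("10.0.4.17", "203.0.113.50", 443),
    ("10.0.4.17", "198.51.100.7", 8443),
    ("192.168.1.20", "203.0.113.50", 443),
    ("203.0.113.50", "10.0.4.17", 51234),  # reply direction of a known pair
    ("10.0.4.17", "10.0.9.2", 445),        # internal-to-internal, skipped
    ("172.16.3.3", "192.0.2.99", 22),
]
# Constructed host records standing in for cached Shodan lookups.
HOSTS = {
    "203.0.113.50": {"vulns": ["CVE-0000-0001", "CVE-0000-0099"]},
    "198.51.100.7": {"vulns": []},
    "192.0.2.99": {"vulns": ["CVE-0000-0002"]},
}
# Placeholder IDs; substitute the CVEs listed in the advisory you hunt on.
WATCHLIST = {"CVE-0000-0001", "CVE-0000-0002"}

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)

def hunt(flows, host_records, watchlist):
    """Map each watchlisted external host to the internal IPs talking to it."""
    findings = {}
    for src, dst, _port in flows:
        # Normalise direction so replies count toward the same pair.
        if is_internal(src) and not is_internal(dst):
            internal, external = src, dst
        elif is_internal(dst) and not is_internal(src):
            internal, external = dst, src
        else:
            continue
        hits = watchlist & set(host_records.get(external, {}).get("vulns", []))
        if hits:
            entry = findings.setdefault(external, {"cves": set(), "internal": set()})
            entry["cves"] |= hits
            entry["internal"].add(internal)
    return {ip: {k: sorted(v) for k, v in e.items()} for ip, e in findings.items()}

if __name__ == "__main__":
    for ip, detail in hunt(FLOWS, HOSTS, WATCHLIST).items():
        print(ip, detail)
```

Each finding is a lead for triage rather than proof of compromise: it shows that an internal host exchanged traffic with an external host carrying a watchlisted CVE.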