Daniel Roberson - exploits and 0-day as attribution

Posts
About
Notes
Projects
Time
Posts

About

Notes

Projects

Time

exploits and 0-day as attribution

0001-01-01

Often, attribution of a threat actor can be determined by which vulnerabilities they are leveraging in order to ultimately run their payloads. This is especially true if it is a 0-day; the chances of two groups simultaneously leveraging an 0-day in the same manner within a short period of time is low.

Links to this note

Main Index
falseflags-kaspersky2017
Main Index - E

Recent Posts

Linux Persistence: Modular Software

2025-04-17 DFIR CTF persistence linux persistence apache asterisk

Linux Persistence: Web Shells

2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP

Linux Persistence: Rootkits

2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking

Linux Persistence: Processes

2025-04-11 DFIR persistence processes linux persistence processes

Defanging Linux LKM Rootkits With cleanup_module()

2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit