Please note I am in debt to Nex (botherder) because I temporarily make use of his viper interface to hold my DNS-IP address pair information for querying OSINT from various sources, mainly VirusTotal right now. I am going to rewrite everything, including the interface, as I want to publish a tool for all Malware Analysts to query network information on APT or watering hole attack domains from various sources. Here is the preview.
This may be the last personal blog. In December 2014, I set up Dragon Threat Labs with @int0x00 and i***[@]gmail.com. All my future postings can be found here. @int0x00 has just published the first blog post, discussing an extended Umbrella Movement watering hole attack in Hong Kong which shows interesting drive-by-download using VB Scripts and PowerShell scripts. Hope you will enjoy….