Detecting Beacon Malware

Question: Use the “cobaltstrike_beacon” index and the “bro:http:json” sourcetype. What is the most straightforward Splunk command to pinpoint beaconing from the source to the destination? Answer format: One word

Am I missing something obvious here?


Think of something related to time.

