
valhalladev | 2 years ago

I've been in the cyber security/threat intelligence industry for a couple of years now and noted that one problem I've had at every job I've worked at is how much of a pain it is to download malware, scan malicious infrastructure, and download certificate information from servers and domains controlled by hackers. You have to manage VPNs that you hope are secure and not compromised, constantly refresh your virtual machines, and pay close attention to operational security so that you don't tip off the threat actors that you're onto them, or, worse, give them your identity. This was a pain, took tons of time out of my day, and wasn't at all scalable.

So I built GrabbrApp.

GrabbrApp is a tool that puts a layer of ephemeral infrastructure, or infrastructure that disappears after some time, between you and the hackers and infrastructure you're researching. You make the request, it's routed through a VPS, the response is returned via the API and the VPS "detonates" after 2 hours, leaving hackers clueless as to who scanned their infrastructure and why.

Right now it's in public beta and only handles SSL certificate downloads, but next on the list of features is file downloads, giving you the ability to download malware from command-and-control (C2) servers securely, at scale.

Check it out and let me know what you think!
