Focus Areas:
Security Operations & Defense
,
Threat Intelligence
This Tool Demo covers following tools where the speaker has contributed or authored
CERTPIVOT
CERTPIVOT
Abstract
CertPivot is a newest module of LAMMA specifically focuses on 2 features. One is Infra-Chaining using TLS certificates and second Cert-Check which looks for non-trusted TLS certificates in the trust store of a given machine.
Infra-Chaining feature of CertPivot module is useful specially for threat hunters and incident respondents, where as Certi-Check feature can be additionally used by admins and crypto-auditors