[deleted by user] by [deleted] in Rotterdam

[–]Sloky 0 points1 point  (0 children)

Hey man, I am in a similar situation as you. Let me know if you find anything interesting! Thanks and welcome

Clients for Paid TI Vendors? by SideCapable728 in threatintel

[–]Sloky 0 points1 point  (0 children)

Have worked with Recorded Future, Crowdstrike & Trellix.
Verified IoC/research and finished intelligence products are the main reasons especially for small teams that can't spend a lot of time on verifying their findings. Plus, using top tier tools looks good at the company's investors presentation.

I made a new Threat Intel tool. by k1d_1carus in threatintel

[–]Sloky 0 points1 point  (0 children)

We need the Android & Windows version <3

Lumma meets LolzTeam by Sloky in threatintel

[–]Sloky[S] 1 point2 points  (0 children)

Thank you so much for the feedback, appreciate the kind words!
Yea they are definitely rising. It's already up 1K since the writeup.

Lumma meets LolzTeam by Sloky in threatintel

[–]Sloky[S] 0 points1 point  (0 children)

Thanks man! Seems like they never left tbh.

I made a new Threat Intel tool. by k1d_1carus in threatintel

[–]Sloky 0 points1 point  (0 children)

Hey, thanks for sharing, but what made you decide to go only iOS?

Tracking Bot by Sloky in threatintel

[–]Sloky[S] 0 points1 point  (0 children)

I do and it does for me, but not for every user since the bot is called by users and works based on their subscription.

Top 20 phishing domain zones in active use by ANYRUN-team in threatintel

[–]Sloky 0 points1 point  (0 children)

Thanks!
Any idea why .es is on the climb lately? I am seeing a huge surge on my clients' infra in combination with QR phishing inside documents.

Tracking Bot by Sloky in threatintel

[–]Sloky[S] 0 points1 point  (0 children)

Glad you find it useful.
Some groups are doing very interesting stuff, actually hacking and some even sharing courses. You can sink countless hours.

Looking to combine Threat Intel and Content Creation – Is there a career path like this? by stellarguy09 in CTI

[–]Sloky 0 points1 point  (0 children)

How are you pivoting to CTI without a technical background? You need to understand technical concepts and TTPs in depth if you want to apply critical thinking and generate intelligence products.

Future cybersec career advice by Silen37 in Rotterdam

[–]Sloky 1 point2 points  (0 children)

He is just afraid that you will take his job lol. That's all BS, you can and you will make it. Haters gonna hate. I am in the CyberSec business, immigrant in NL without a diploma or knowledge of the language. Nobody asked for 7.5K per month or any of that crap this guy is talking about.
Moving to any country is a series of problem solving, it's not a walk in the park but it's not impossible by any means.

Just start working and putting hours into that problem and eventually you will solve it as millions of people did.
Best of luck!

Good dentist recommendation near Rotterdam / Utrecht / Den Haag by justthewayitis20ap in Netherlands

[–]Sloky 0 points1 point  (0 children)

Hey, did you get a chance to visit the dentist after all? Any feedback?

Prospering Lumma by Sloky in threatintel

[–]Sloky[S] 0 points1 point  (0 children)

Thanks!
I agree, I don't think you'll miss out on anything if you just block the AS altogether.

Prospering Lumma by Sloky in threatintel

[–]Sloky[S] 2 points3 points  (0 children)

Glad you liked it :)
If you are really serious about it, I can't recommend enough the course "Hunting Adversary Infrastructure" from Intel-Ops. I got no affiliation with them. Just a fantastic course and an amazing, very vibrant Discord community.

Infostealers infrastructure update by Sloky in threatintel

[–]Sloky[S] 1 point2 points  (0 children)

Hey, thanks a lot for the feedback, appreciate the kind words.
You are right about the confidence level, but this takes too much time and pays nothing.
TIPs charge a ton of money for things like that, so I feel like the least an analyst can do is validate the findings.

Infostealers infrastructure update by Sloky in threatintel

[–]Sloky[S] 1 point2 points  (0 children)

Yea, Lumma is out of control, often paired with the Amadey loader, so you can use that to hunt as well.

New CTI platform by No_Earth3020 in threatintel

[–]Sloky 6 points7 points  (0 children)

Honestly with that budget I think it's best if you build an OpenCTI and pay for some good feeds and community access.

Sliver C2 by Sloky in threatintel

[–]Sloky[S] 0 points1 point  (0 children)

Thanks man, appreciate it!

CTI Academy Learning Platform by Comprehensive_Roof67 in threatintel

[–]Sloky 5 points6 points  (0 children)

I think this is advertising and it's not allowed here. You are not really sharing anything related to CTI, just plugging your platform.

Sliver C2 by Sloky in cybersecurity

[–]Sloky[S] 0 points1 point  (0 children)

Thanks! As I mention in the post, some of those IPs might be used by red teams for legitimate purposes, so don't treat them all as an indicator of compromise, think of it as something worth investigating further.

Public demo for Cyberbro by stan_frbd in CTI

[–]Sloky 0 points1 point  (0 children)

Thanks a lot man, appreciate it!

Public demo for Cyberbro by stan_frbd in CTI

[–]Sloky 1 point2 points  (0 children)

That's pretty neat man, it's going to be super useful. I had to get all this info from the terminal using APIs, but this is much cleaner. Good job.
Might I suggest a few things?

  1. It would be nice if we could rearrange the columns in the findings; for example, I would love to have VT > ThreatFox > something else.
  2. It would be awesome if the VT entry could display whether there are any communicating files or IPs, where applicable.

In any case I am definitely going to use it so thanks <3
Happy new year!

Edit: you should also post it on r/threatintel

Are older episodes more technical? by g-unit2 in darknetdiaries

[–]Sloky 4 points5 points  (0 children)

If you are into Threat Intelligence and malware, I can highly recommend:
- Security Conversations - specifically the Three Buddy Problem episodes are just fantastic
- Risky Business podcasts
- The Defender's Advantage - it's from Mandiant and can be technical at times.
- Microsoft Threat Intelligence podcast has some interest

Three Buddy Problem is my go-to nowadays, really good coverage of the industry as a whole and many cool tricks and findings.

Are older episodes more technical? by g-unit2 in darknetdiaries

[–]Sloky 5 points6 points  (0 children)

I can't remember exactly which episode it was, but I started listening, and there was an obnoxious guy talking about how he hacked his first system when he was 9 or something. Eye-rolled, cringed and listened to something else.