Snort rule doesn’t match the content in Meterpreter session packet
I’m working on a university project and I’m trying to identify a reverse shell attack with Snort IDS.
For the attack I used Meterpreter/reverse_tcp and analyzed the packets via Wireshark for traces to use in Snort rules.
I managed to find …