Pygmy Goat – D E C E I V E R . I O

Deceive, Detect, Engage

Hunting Pygmy Goat communication

The attacker is using a malicious scheduled task to connect back to a C2 server.

Pygmy goat Backdoor

Pygmy Goat uses the LD_PRELOAD environment variable to inject itself into the sshd process, ensuring it’s loaded and executed whenever the SSH daemon starts.

Tag: Pygmy Goat

Hunting Pygmy Goat communication

Pygmy goat Backdoor

ORION Detlab: Forging Resilient Detections in the HEFAISTOS Ecosystem

The Maieutic Engine: Birth of a New Detection Engineering Paradigm

The Forge, The Guide, and The Hunter: Unifying Detection Engineering with the Mythological Triad of HEFAISTOS, KEDALION, and ORION

Dendrite: Bridging the Synaptic Gap Between External Intelligence and Internal Defense