Posts by himanshu.modi2021

@himanshu.modi2021

Himanshu Kumar Modi

himanshumodi.vercel.app Joined April 2026

151 Points • 3 Badges • 0 Connections • 0 Followers • 0 Following

Profile Stats Wall Posts Badges

Posts by himanshu.modi2021

Posts Comments Reviews

himanshu.modi2021 • Apr 7 • in Articles • 4 min read

Ursnif Malware — Reconstructing a 6-Stage Infection Chain from a PCAP

date: 2026-03-20 description: A walkthrough of my first real malware PCAP investigation — how Ursnif used .avi file extensions to disguise DLL payloads, TLS C2 beaconing, and how I mapped the full attack to MITRE ATT&CK with Splunk detection rules. ...

2 Reactions 1 Comments

himanshu.modi2021 • Apr 7 • in Articles • 3 min read

Emotet + Cobalt Strike — Dissecting a Multi-Stage Attack in Wireshark

description: How I identified Cobalt Strike C2 servers using Host header masquerading detection, found 3 payload domains via time-bounded TLS SNI hunting, and traced a malspam campaign — all from a single PCAP in the TryHackMe Carnage room. tags: se...

0 Reactions 0 Comments

Welcome to Coder Legion

Connect with 4,021 amazing developers

Don't have an account? Sign up

OR

Posts by himanshu.modi2021

Himanshu Kumar Modi

Posts by himanshu.modi2021

Latest Jobs