HTTP(s) malware: download papers and files

A collection for everyone which is interested in HTTP(s) based malware analysis. This collection holds papers, pcaps and files which will assist you in getting a better understanding of the HTTP(s) malware landscape and methods which are used to detect HTTP(s) based malware.

Lots of good content to read.
cyberwarzone

Papers

A collection of papers which take a deep dive into HTTP(s) based malware.

How to identify malicious HTTP Requests

Download

HTTP header heuristics for malware detection

Download

The Ghost In The Browser
Analysis of Web-based Malware

Download

Detecting Malware-Infected Devices Using the HTTP Header
Patterns

Download

Controlling malware HTTP communications in dynamic analysis system using search engine

Download

Detecting Adaptive Data Exfiltration in HTTP Traffic

Download

Pcaps

There is a big chance that you are in need of HTTP(s) malware pcaps. In the collection below, you will find resources where you can download PCAPs of known malware samples. One of them is for example the Loki Botnet.

Loki Botnet HTTP behavior

Download

Loki Botnet HTTP behavior (v2)

Download

Netresec PCAPs

Download

Indicators of compromise

Once you have an indicator of compromise, you might want to look into these communities to check if more information is available. You can also do it in reverse, utilize these communities to find malware, papers, reports and PCAP’s.

VirusTotal

HTTP(s) malware: download papers and files

Papers

Pcaps

Indicators of compromise

Blacklists