Help! There’s an OpenBullet Attack Config for Our Site – What Should we Do?

July 20, 2020

Thinly veiled as a web testing tool, OpenBullet a commonly used attack management toolkit that allows a bad actor to create and execute automated account takeovers and other types of attacks. Complete with its’s own GitHub repo and user community, OpenBullet allows a bad actor to create or import a predefined attack config, add the prosy infrastructure and user credentials, then launch and track the status of the attack.

OpenBullet, along with Snipr MBA BlackBullet, and ComboList have dramatically simplified the act of launching an attack and in so doing, have made security professionals’ lives a bit more difficult. Faced with this level of sophistication and ease of use, security teams can proactively use these tools and their related user forums to their advantage resulting in an improved security posture.

  1. Use advanced search techniques to uncover attack configs targeting your site.
  2. Participate in their user forums to gain an understanding of your adversary.
  3. Download, install and use the attack tools to understand their inner workings.

To learn more about each of these techniques, please join Will Glazier, head of security research at Cequence Security for an informative and interactive webinar on July 22nd at 1:00 PST where he will provide tips and techniques to help you uncover the existence of an attack config, then demonstrate how it is used in OpenBullet, providing pointers on how to use OpenBullet to your mitigation advantage. A demonstration of Cequence Bot Defense will wrap up the session.

Register today.


bot attackOpenBulletSniprwebinar

About the Author

Matt Keil

Matt Keil

Director of Product Marketing

Ground Hog
9 July 2020

Kasa Camera Vulnerability Discovery: Responsible Disclosures Feel Like Groundhog Day, Again

Read More
Silver Tail Replacement
23 June 2020

Looking for a Silver Tail Replacement?

Read More
protect api's from bot attacks
11 June 2020

APIs: The Next-Frontier in Cyber-Crime

Read More
Target APIs
8 June 2020

Tales from the Front Lines: Attackers Target APIs with GET-Based ATOs 

Read More
4 June 2020

Tales from the Frontlines: Increasingly Sophisticated Cat and Mouse Games  

Read More

Subscribe to our blog