Additional resources related to our blog post Deep-dive into Quantum Insert:
http://blog.fox-it.com/2015/04/20/deep-dive-into-quantum-insert/
PCAP data for research and testing purposes can be found here:
https://github.com/fox-it/quantuminsert/tree/master/pcaps
We made proof of concept detection capabilities for Bro and Snort to detect QUANTUMINSERT
. Suricata was already capable to detect these kind of attacks.
For more information:
https://github.com/fox-it/quantuminsert/tree/master/detection
The tools that we used to simulate and perform QUANTUMINSERT
can be found here:
https://github.com/fox-it/quantuminsert/tree/master/poc
The modified scripts that were used to perform the Harlem Shake QI demo at BroCon2015:
https://github.com/fox-it/quantuminsert/tree/master/presentations/brocon2015/demo
Talks we did on Quantum Insert.