Wireshark Plugin for Mariposa Botnet Command and Control

[SysAdMini]

http://www.paloaltonetworks.com/researchcenter/2009/10/mariposa-tool/

Yamata Li of the Palo Alto Networks Threat Research Team has developed a Wireshark plugin that will allow you to view obfuscated pcaps of traffic from a Mariposa infected client and actually decrypt them within Wireshark.