BIG FILE |
| 2024-09-16 | Xavier Mertens | Managing PE Files With Overlays |
BIG |
| 2024-09-16/a> | Xavier Mertens | Managing PE Files With Overlays |
| 2022-07-20/a> | Johannes Ullrich | Apple Patches Everything Day |
| 2022-05-13/a> | Johannes Ullrich | From 0-Day to Mirai: 7 days of BIG-IP Exploits |
| 2022-05-08/a> | Johannes Ullrich | F5 BIG-IP Unauthenticated RCE Vulnerability (CVE-2022-1388) |
| 2020-09-09/a> | Johannes Ullrich | A First Look at macOS 11 Big Sur Network Traffic (New! Now with more GREASE!) |
| 2020-07-06/a> | Johannes Ullrich | Summary of CVE-2020-5902 F5 BIG-IP RCE Vulnerability Exploits |
| 2020-07-05/a> | Didier Stevens | CVE-2020-5902 F5 BIG-IP Exploitation Attempt |
| 2015-05-23/a> | Guy Bruneau | Business Value in "Big Data" |
| 2014-09-03/a> | Johannes Ullrich | F5 BigIP Unauthenticated rsync Vulnerability |
| 2013-08-09/a> | Kevin Shortt | Copy Machines - Changing Scanned Content |
| 2011-11-11/a> | Rick Wanner | What's up with fbi.gov DNS? |
| 2011-04-28/a> | Chris Mohan | Gathering and use of location information fears - or is it all a bit too late |
| 2011-01-12/a> | Richard Porter | Has Big Brother gone Global? |
FILE |
| 2025-02-13/a> | Guy Bruneau | DShield SIEM Docker Updates |
| 2025-01-28/a> | Xavier Mertens | Fileless Python InfoStealer Targeting Exodus |
| 2024-12-20/a> | Xavier Mertens | Christmas "Gift" Delivered Through SSH |
| 2024-12-15/a> | Johannes Ullrich | Exploit attempts inspired by recent Struts2 File Upload Vulnerability (CVE-2024-53677, CVE-2023-50164) |
| 2024-09-16/a> | Xavier Mertens | Managing PE Files With Overlays |
| 2024-05-31/a> | Xavier Mertens | "K1w1" InfoStealer Uses gofile.io for Exfiltration |
| 2023-11-20/a> | Jesse La Grew | Overflowing Web Honeypot Logs |
| 2023-09-29/a> | Xavier Mertens | Are You Still Storing Passwords In Plain Text Files? |
| 2023-07-23/a> | Guy Bruneau | Install & Configure Filebeat on Raspberry Pi ARM64 to Parse DShield Sensor Logs |
| 2023-06-09/a> | Xavier Mertens | Undetected PowerShell Backdoor Disguised as a Profile File |
| 2023-04-04/a> | Johannes Ullrich | Analyzing the efile.com Malware "efail" |
| 2023-02-24/a> | Brad Duncan | URL files and WebDAV used for IcedID (Bokbot) infection |
| 2023-01-21/a> | Guy Bruneau | DShield Sensor JSON Log to Elasticsearch |
| 2023-01-04/a> | Rob VandenBrink | Update to RTRBK - Diff and File Dates in PowerShell |
| 2022-12-20/a> | Xavier Mertens | Linux File System Monitoring & Actions |
| 2022-07-25/a> | Xavier Mertens | PowerShell Script with Fileless Capability |
| 2022-07-17/a> | Didier Stevens | Python: Files In Use By Another Process |
| 2022-06-25/a> | Xavier Mertens | Malicious Code Passed to PowerShell via the Clipboard |
| 2022-06-04/a> | Guy Bruneau | Spam Email Contains a Very Large ISO file |
| 2022-06-03/a> | Xavier Mertens | Sandbox Evasion... With Just a Filename! |
| 2022-05-29/a> | Didier Stevens | Extracting The Overlay Of A PE File |
| 2022-05-28/a> | Didier Stevens | Huge Signed PE File: Keeping The Signature |
| 2022-05-26/a> | Didier Stevens | Huge Signed PE File |
| 2022-05-23/a> | Johannes Ullrich | Attacker Scanning for jQuery-File-Upload |
| 2022-05-20/a> | Xavier Mertens | A 'Zip Bomb' to Bypass Security Controls & Sandboxes |
| 2022-03-24/a> | Xavier Mertens | Malware Delivered Through Free Sharing Tool |
| 2021-09-11/a> | Guy Bruneau | Shipping to Elasticsearch Microsoft DNS Logs |
| 2021-05-02/a> | Didier Stevens | PuTTY And FileZilla Use The Same Fingerprint Registry Keys |
| 2021-04-10/a> | Guy Bruneau | Building an IDS Sensor with Suricata & Zeek with Logs to ELK |
| 2021-03-12/a> | Guy Bruneau | Microsoft DHCP Logs Shipped to ELK |
| 2021-02-12/a> | Xavier Mertens | AgentTesla Dropped Through Automatic Click in Microsoft Help File |
| 2020-06-12/a> | Xavier Mertens | Malicious Excel Delivering Fileless Payload |
| 2020-05-22/a> | Didier Stevens | Some Strings to Remember |
| 2020-05-04/a> | Didier Stevens | Sysmon and File Deletion |
| 2020-03-21/a> | Guy Bruneau | Honeypot - Scanning and Targeting Devices & Services |
| 2019-10-03/a> | Xavier Mertens | "Lost_Files" Ransomware |
| 2019-08-04/a> | Didier Stevens | Detecting ZLIB Compression |
| 2019-02-19/a> | Didier Stevens | Identifying Files: Failure Happens |
| 2018-11-05/a> | Johannes Ullrich | Struts 2.3 Vulnerable to Two Year old File Upload Flaw |
| 2017-11-29/a> | Xavier Mertens | Fileless Malicious PowerShell Sample |
| 2017-10-30/a> | Didier Stevens | PE files and debug info |
| 2017-10-24/a> | Xavier Mertens | Stop relying on file extensions |
| 2017-07-19/a> | Xavier Mertens | Bots Searching for Keys & Config Files |
| 2017-07-02/a> | Didier Stevens | PE Section Name Descriptions |
| 2017-05-26/a> | Lorna Hutcheson | File2pcap - A new tool for your toolkit! |
| 2016-08-24/a> | Xavier Mertens | Example of Targeted Attack Through a Proxy PAC File |
| 2016-05-21/a> | Didier Stevens | Python Malware - Part 2 |
| 2016-03-30/a> | Xavier Mertens | What to watch with your FIM? |
| 2016-01-20/a> | Xavier Mertens | /tmp, %TEMP%, ~/Desktop, T:\, ... A goldmine for pentesters! |
| 2015-07-12/a> | Didier Stevens | Jump List Files Are OLE Files |
| 2014-03-17/a> | Johannes Ullrich | Scans for FCKEditor File Manager |
| 2014-02-28/a> | Daniel Wesemann | Oversharing |
| 2014-01-11/a> | Guy Bruneau | tcpflow 1.4.4 and some of its most Interesting Features |
| 2013-08-26/a> | Alex Stanford | Stop, Drop and File Carve |
| 2013-08-21/a> | Alex Stanford | Psst. Your Browser Knows All Your Secrets. |
| 2011-11-28/a> | Tom Liston | A Puzzlement... |
| 2011-08-15/a> | Mark Hofman | How to find unwanted files on workstations |
| 2009-12-28/a> | Johannes Ullrich | 8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug) |
| 2009-08-13/a> | Jim Clausing | Tools for extracting files from pcaps |
| 2009-06-27/a> | Tony Carothers | New NIAP Strategy on the Horizon |
| 2009-05-27/a> | donald smith | Host file black lists |
| 2009-05-25/a> | Jim Clausing | More tools for (US) Memorial Day |
| 2008-03-13/a> | Jason Lam | Remote File Include spoof!? |
