2025-01-30 | Guy Bruneau | PCAPs or It Didn't Happen: Exposing an Old Netgear Vulnerability Still Active in 2025 [Guest Diary] |
2024-12-26 | Jesse La Grew | Capturing Honeypot Data Beyond the Logs |
2023-04-08 | Xavier Mertens | Microsoft Netlogon: Potential Upcoming Impacts of CVE-2022-38023 |
2023-03-28 | Jesse La Grew | Network Data Collector Placement Makes a Difference |
2023-02-12 | Jesse La Grew | PCAP Data Analysis with Zeek |
2023-01-02 | Xavier Mertens | NetworkMiner 2.8 Released |
2022-11-14 | Jesse La Grew | Extracting 'HTTP CONNECT' Requests with Python |
2022-11-02 | Brad Duncan | Who put the "Dark" in DarkVNC? |
2022-04-28 | Johannes Ullrich | A Day of SMB: What does our SMB/RPC Honeypot see? CVE-2022-26809 |
2022-04-14 | Johannes Ullrich | An Update on CVE-2022-26809 - MSRPC Vulnerability - PATCH NOW |
2021-12-22 | Brad Duncan | December 2021 Forensic Contest: Answers and Analysis |
2021-12-08 | Brad Duncan | December 2021 Forensic Challenge |
2021-11-04 | Brad Duncan | October 2021 Forensic Contest: Answers and Analysis |
2021-10-22 | Brad Duncan | October 2021 Contest: Forensic Challenge |
2021-06-30 | Brad Duncan | June 2021 Forensic Contest: Answers and Analysis |
2021-06-17 | Daniel Wesemann | Network Forensics on Azure VMs (Part #1) |
2021-05-23 | Didier Stevens | Video: Making Sense Of Encrypted Cobalt Strike Traffic |
2021-05-19 | Brad Duncan | May 2021 Forensic Contest: Answers and Analysis |
2021-05-05 | Brad Duncan | May 2021 Forensic Contest |
2021-04-18 | Didier Stevens | Decoding Cobalt Strike Traffic |
2021-04-12 | Didier Stevens | Example of Cleartext Cobalt Strike Traffic (Thanks Brad) |
2021-04-01 | Brad Duncan | April 2021 Forensic Quiz |
2021-03-07 | Didier Stevens | PCAPs and Beacons |
2021-01-30 | Guy Bruneau | PacketSifter as Network Parsing and Telemetry Tool |
2021-01-05 | Johannes Ullrich | Netfox Detective: An Alternative Open-Source Packet Analysis Tool |
2020-12-03 | Brad Duncan | Traffic Analysis Quiz: Mr Natural |
2020-11-11 | Brad Duncan | Traffic Analysis Quiz: DESKTOP-FX23IK5 |
2020-10-10 | Didier Stevens | Open Packaging Conventions |
2020-09-15 | Brad Duncan | Traffic Analysis Quiz: Oh No... Another Infection! |
2020-08-05 | Brad Duncan | Traffic Analysis Quiz: What's the Malware From This Infection? |
2020-07-15 | Brad Duncan | Word docs with macros for IcedID (Bokbot) |
2020-05-20 | Brad Duncan | Microsoft Word document with malicious macro pushes IcedID (Bokbot) |
2020-04-08 | Brad Duncan | German malspam pushes ZLoader malware |
2020-04-01 | Brad Duncan | Qakbot malspam sent from an infected Windows host |
2020-01-05 | Didier Stevens | etl2pcapng: Convert .etl Capture Files To .pcapng Format |
2019-12-24 | Brad Duncan | Malspam with links to Word docs pushes IcedID (Bokbot) |
2019-12-03 | Brad Duncan | Ursnif infection with Dridex |
2019-11-27 | Brad Duncan | Finding an Agent Tesla malware sample |
2019-10-29 | Xavier Mertens | Generating PCAP Files from YAML |
2019-10-09 | Brad Duncan | What data does Vidar malware steal from an infected host? |
2019-10-03 | Jim Clausing | Buffer overflows found in libpcap and tcpdump |
2019-05-22 | Johannes Ullrich | An Update on the Microsoft Windows RDP "Bluekeep" Vulnerability (CVE-2019-0708) [now with pcaps] |
2019-04-23 | Didier Stevens | Malicious VBA Office Document Without Source Code |
2019-04-04 | Xavier Mertens | New Waves of Scans Detected by an Old Rule |
2019-03-18 | Didier Stevens | Wireshark 3.0.0 and Npcap: Some Remarks |
2019-03-11 | Didier Stevens | Wireshark 3.0.0 and Npcap |
2018-11-18 | Guy Bruneau | Multipurpose PCAP Analysis Tool |
2018-08-15 | Xavier Mertens | Truncating Payloads and Anonymizing PCAP files |
2018-06-06 | Xavier Mertens | Converting PCAP Web Traffic to Apache Log |
2018-01-18 | Xavier Mertens | Comment your Packet Captures! |
2017-11-13 | Guy Bruneau | jsonrpc Scanning for root account |
2017-09-28 | Xavier Mertens | The easy way to analyze huge amounts of PCAP data |
2017-09-25 | Renato Marinho | XPCTRA Malware Steals Banking and Digital Wallet User's Credentials |
2017-05-26 | Lorna Hutcheson | File2pcap - A new tool for your toolkit! |
2017-01-28 | Lorna Hutcheson | Packet Analysis - Where do you start? |
2016-11-05 | Xavier Mertens | Full Packet Capture for Dummies |
2016-09-26 | Didier Stevens | VBA and P-code |
2016-04-29 | Mark Hofman | New release of PCI DSS (version 3.2) is available |
2015-02-11 | Johannes Ullrich | Did PCI Just Kill E-Commerce By Saying SSL is Not Sufficient For Payment Info ? (spoiler: TLS!=SSL) |
2014-07-03 | Johannes Ullrich | Credit Card Processing in 700 Words or Less |
2014-06-04 | Richard Porter | p0f, Got Packets? |
2014-03-12 | Johannes Ullrich | Wordpress "Pingback" DDoS Attacks |
2013-12-01 | Richard Porter | BPF, PCAP, Binary, hex, why they matter? |
2013-11-27 | Rob VandenBrink | ATM Traffic + TCPDump + Video = Good or Evil? |
2013-06-05 | Richard Porter | Wireshark 1.10.0 Stable Released http://www.wireshark.org/download.html |
2012-11-23 | Rob VandenBrink | Risk Assessment Reloaded (thanks PCI ! ) |
2012-10-12 | Mark Hofman | Cyber Security Awareness Month - Day 12 PCI DSS |
2012-02-22 | Johannes Ullrich | How to test OS X Mountain Lion's Gatekeeper in Lion |
2012-01-25 | Bojan Zdrnja | pcAnywhere users – patch now! |
2011-10-23 | Guy Bruneau | tcpdump and IPv6 |
2011-08-13 | Rick Wanner | 30th Anniversary of the IBM PC - What was your first? |
2010-07-20 | Manuel Humberto Santander Pelaez | iTunes buffer overflow vulnerability |
2010-07-04 | Manuel Humberto Santander Pelaez | New Winpcap Version |
2010-03-27 | Guy Bruneau | Create a Summary of IP Addresses from PCAP Files using Unix Tools |
2009-11-25 | Jim Clausing | Updates to my GREM Gold scripts and a new script |
2009-08-13 | Jim Clausing | Tools for extracting files from pcaps |
2009-06-28 | Guy Bruneau | IP Address Range Search with libpcap |
2008-06-10 | Swa Frantzen | Ransomware keybreaking |