PENTEST TOOLS AND TECHNIQUES |
2014-08-12 | Adrien de Beaupre | Host discovery with nmap |
PENTEST |
2019-11-29 | Russ McRee | ISC Snapshot: Search with SauronEye |
2018-01-28 | Didier Stevens | Is this a pentest? |
2017-09-06 | Adrien de Beaupre | Modern Web Application Penetration Testing , Hash Length Extension Attacks |
2017-05-05 | Xavier Mertens | HTTP Headers... the Achilles' heel of many applications |
2016-11-02 | Rob VandenBrink | What Does a Pentest Look Like? |
2016-09-28 | Xavier Mertens | SNMP Pwn3ge |
2016-01-20 | Xavier Mertens | /tmp, %TEMP%, ~/Desktop, T:\, ... A goldmine for pentesters! |
2015-11-09 | John Bambenek | ICYMI: Widespread Unserialize Vulnerability in Java |
2015-10-27 | Xavier Mertens | The "Yes, but..." syndrome |
2014-08-12 | Adrien de Beaupre | Host discovery with nmap |
2013-08-21 | Rob VandenBrink | Fibre Channel Reconnaissance - Reloaded |
2011-08-26 | Daniel Wesemann | User Agent 007 |
2010-11-19 | Jason Lam | Exchanging and sharing of assessment results |
2010-06-06 | Manuel Humberto Santander Pelaez | Nice OS X exploit tutorial |
2010-02-22 | Rob VandenBrink | New Risks in Penetration Testing |
2009-05-31 | Tony Carothers | L0phtcrack is Back! |
TOOLS |
2025-03-04 | Jim Clausing | Tool update: mac-robber.py |
2025-02-24 | Jim Clausing | Unfurl v2025.02 released |
2025-02-17 | Russ McRee | ModelScan - Protection Against Model Serialization Attacks |
2025-01-18 | Jim Clausing | New tool: immutable.py |
2024-10-24 | Johannes Ullrich | Development Features Enabled in Prodcution |
2024-09-30 | Jim Clausing | Tool update: mac-robber.py and le-hex-to-ip.py |
2024-06-15 | Didier Stevens | Overview of My Tools That Handle JSON Data |
2023-07-24 | Rob VandenBrink | JQ: Another Tool We Thought We Knew |
2023-07-01 | Russ McRee | Sandfly Security |
2022-03-24 | Xavier Mertens | Malware Delivered Through Free Sharing Tool |
2021-10-08 | Rob VandenBrink | Sorting Things Out - Sorting Data by IP Address |
2020-06-11 | Xavier Mertens | Anti-Debugging JavaScript Techniques |
2019-05-10 | Xavier Mertens | DSSuite - A Docker Container with Didier's Tools |
2018-11-11 | Pasquale Stirparo | Community contribution: joining forces or multiply solutions? |
2018-10-10 | Xavier Mertens | "OG" Tools Remain Valuable |
2018-08-05 | Didier Stevens | Video: Maldoc analysis with standard Linux tools |
2018-07-30 | Xavier Mertens | Exploiting the Power of Curl |
2017-09-19 | Jim Clausing | New tool: mac-robber.py |
2017-01-12 | Mark Baggett | Some tools updates |
2017-01-12 | Mark Baggett | System Resource Utilization Monitor |
2017-01-07 | Xavier Mertens | Using Security Tools to Compromize a Network |
2016-02-06 | Jim Clausing | More updates to kippo-log2db |
2015-02-19 | Daniel Wesemann | Macros? Really?! |
2015-02-07 | Jim Clausing | Update to kippo-log2db.pl |
2014-11-05 | Russ McRee | Tool Tip: vFeed |
2014-09-14 | Jim Clausing | SSDEEP update |
2014-08-12 | Adrien de Beaupre | Host discovery with nmap |
2013-11-19 | Jim Clausing | Updated dumpdns.pl |
2013-06-18 | Russ McRee | EMET 4.0 is now available for download |
2013-06-05 | Richard Porter | Windows Sysinternals Updated http://technet.microsoft.com/en-us/sysinternals/default.aspx |
2013-05-11 | Lenny Zeltser | Extracting Digital Signatures from Signed Malware |
2013-02-03 | Lorna Hutcheson | Is it Really an Attack? |
2012-05-06 | Jim Clausing | Tool updates and Win 8 |
2011-08-22 | Jim Clausing | Are your tools ready for IPv6? (part 2) |
2011-08-04 | Jim Clausing | Are your tools ready for IPv6? (part 1) |
2010-12-30 | Rick Wanner | SamuraiWTF Review over at ISSA Toolsmith |
2010-12-09 | Mark Hofman | Having a look at the DDOS tool used in the attacks today |
2010-12-05 | Jim Clausing | Updates to a couple of Sysinternals tools |
2010-10-20 | Jim Clausing | Tools updates - Oct 2010 |
2010-10-19 | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - Remote Access Tools |
2010-10-19 | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - VPN and Remote Access Tools |
2010-08-09 | Jim Clausing | Free/inexpensive tools for monitoring systems/networks |
2010-07-13 | Jim Clausing | Forensic challenge results |
2010-05-28 | Jim Clausing | Wireshark SMB file extraction plug-in |
2010-03-30 | Marcus Sachs | Zigbee Analysis Tools |
2010-03-30 | Pedro Bueno | Sharing the Tools |
2010-01-19 | Jim Clausing | Forensic challenges |
2010-01-06 | Johannes Ullrich | New Tool: IPv6 conversions http://isc.sans.org/tools/ipv6.html |
2009-11-26 | Tony Carothers | What Are You Thankful For? |
2009-11-25 | Jim Clausing | Tool updates |
2009-09-24 | Jim Clausing | A couple more tools |
2009-05-25 | Jim Clausing | More tools for (US) Memorial Day |
2009-03-01 | Jim Clausing | Cool combination of tools |
2008-12-13 | Jim Clausing | Followup from last shift and some research to do. |
2008-11-17 | Jim Clausing | How are you coming with that IPv6 migration? |
2008-11-13 | Jim Clausing | Some recently updated tools |
2008-09-22 | Jim Clausing | More on tools/resources/blogs |
2008-09-07 | Lorna Hutcheson | Malware Analysis: Tools are only so good |
2008-07-11 | Jim Clausing | Updates to some of our favorite tools |
AND |
2024-12-17 | Guy Bruneau | Command Injection Exploit For PHPUnit before 4.8.28 and 5.x before 5.6.3 [Guest Diary] |
2024-08-23 | Jesse La Grew | Pandas Errors: What encoding are my logs in? |
2024-07-16 | Guy Bruneau | Who You Gonna Call? AndroxGh0st Busters! [Guest Diary] |
2024-07-10 | Jesse La Grew | Finding Honeypot Data Clusters Using DBSCAN: Part 1 |
2024-04-29 | Johannes Ullrich | D-Link NAS Device Backdoor Abused |
2024-02-20 | Xavier Mertens | Python InfoStealer With Dynamic Sandbox Detection |
2023-10-31 | Xavier Mertens | Multiple Layers of Anti-Sandboxing Techniques |
2023-07-01 | Russ McRee | Sandfly Security |
2023-06-11 | Guy Bruneau | DShield Honeypot Activity for May 2023 |
2023-05-24 | Tom Webb | IR Case/Alert Management |
2023-03-12 | Guy Bruneau | AsynRAT Trojan - Bill Payment (Pago de la factura) |
2022-09-26 | Xavier Mertens | Easy Python Sandbox Detection |
2022-08-22 | Xavier Mertens | 32 or 64 bits Malware? |
2022-06-03 | Xavier Mertens | Sandbox Evasion... With Just a Filename! |
2021-12-06 | Xavier Mertens | The Importance of Out-of-Band Networks |
2021-04-02 | Xavier Mertens | C2 Activity: Sandboxes or Real Victims? |
2021-02-13 | Guy Bruneau | vSphere Replication updates address a command injection vulnerability (CVE-2021-21976) - https://www.vmware.com/security/advisories/VMSA-2021-0001.html |
2021-02-05 | Xavier Mertens | VBA Macro Trying to Alter the Application Menus |
2020-09-16 | Johannes Ullrich | Do Vulnerabilities Ever Get Old? Recent "Mirai" Variant Scanning for 20 Year Old Amanda Version? |
2020-09-03 | Xavier Mertens | Sandbox Evasion Using NTP |
2020-04-16 | Johannes Ullrich | Using AppLocker to Prevent Living off the Land Attacks |
2020-02-14 | Xavier Mertens | Keep an Eye on Command-Line Browsers |
2020-02-07 | Xavier Mertens | Sandbox Detection Tricks & Nice Obfuscation in a Single VBScript |
2019-07-16 | Russ McRee | Commando VM: The Complete Mandiant Offensive VM |
2019-01-10 | Brad Duncan | Heartbreaking Emails: "Love You" Malspam |
2018-08-01 | Johannes Ullrich | When Cameras and Routers attack Phones. Spike in CVE-2014-8361 Exploits Against Port 52869 |
2018-07-30 | Xavier Mertens | Exploiting the Power of Curl |
2018-07-24 | Brad Duncan | Recent Emotet activity |
2018-05-02 | Russ McRee | Windows Commands Reference - An InfoSec Must Have |
2017-01-06 | John Bambenek | Great Misadventures of Security Vendors: Absurd Sandboxing Edition |
2017-01-05 | John Bambenek | New Year's Resolution: Build Your Own Malware Lab? |
2016-12-10 | Didier Stevens | Sleeping VBS Really Wants To Sleep |
2016-07-26 | Johannes Ullrich | Command and Control Channels Using "AAAA" DNS Records |
2016-06-22 | Bojan Zdrnja | Security through obscurity never works |
2016-05-02 | Rick Wanner | Fake Chrome update for Android |
2016-04-15 | Xavier Mertens | Windows Command Line Persistence? |
2015-12-16 | Xavier Mertens | Playing With Sandboxes Like a Boss |
2015-12-05 | Guy Bruneau | Are you looking to setup your own Malware Sandbox? |
2015-12-04 | Tom Webb | Automating Phishing Analysis using BRO |
2015-10-12 | Guy Bruneau | Critical Vulnerability in Multiple Cisco Products - Apache Struts 2 Command Execution http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2 |
2015-07-28 | Rick Wanner | Android Stagefright multimedia viewer prone to remote exploitation |
2015-04-27 | Richard Porter | When Prevention Fails, Incident Response Begins |
2014-09-12 | Chris Mohan | Are credential dumps worth reviewing? |
2014-08-12 | Adrien de Beaupre | Host discovery with nmap |
2014-08-04 | Russ McRee | Threats & Indicators: A Security Intelligence Lifecycle |
2014-05-01 | Johannes Ullrich | Microsoft Announces Special Patch for IE 0-day (Win XP included!) |
2014-04-26 | Guy Bruneau | Android Users - Beware of Bitcoin Mining Malware |
2014-04-05 | Jim Clausing | Those strange e-mails with URLs in them can lead to Android malware |
2014-04-01 | Basil Alawi S.Taher | Upgrading Your Android, Elevating My Malware |
2014-03-11 | Basil Alawi S.Taher | Introduction to Memory Analysis with Mandiant Redline |
2014-02-10 | Rob VandenBrink | Isn't it About Time to Get Moving on Chip and PIN? |
2014-02-07 | Rob VandenBrink | New ISO Standards on Vulnerability Handling and Disclosure |
2014-01-23 | Chris Mohan | Learning from the breaches that happens to others Part 2 |
2013-12-05 | Mark Hofman | Updated Standards Part 1 - ISO 27001 |
2013-09-23 | Rob VandenBrink | How do you spell "PSK"? |
2013-02-22 | Chris Mohan | PHP 5.4.12 and PHP 5.3.22 released http://www.php.net/ChangeLog-5.php |
2013-02-17 | Guy Bruneau | HP ArcSight Connector Appliance and Logger Vulnerabilities |
2013-01-30 | Richard Porter | Getting Involved with the Local Community |
2013-01-14 | Richard Porter | January 2013 Microsoft Out of Cycle Patch |
2013-01-08 | Jim Clausing | Cuckoo 0.5 is out and the world didn't end |
2012-12-13 | Johannes Ullrich | What if Tomorrow Was the Day? |
2012-10-24 | Russ McRee | Cyber Security Awareness Month - Day 24 - A Standard for Information Security Incident Management - ISO 27035 |
2012-10-23 | Rob VandenBrink | Cyber Security Awareness Month - Day 23: Character Encoding Standards - ASCII and Successors |
2012-10-17 | Rob VandenBrink | Cyber Security Awareness Month - Day 17 - A Standard for Risk Management - ISO 27005 |
2012-10-12 | Mark Hofman | Cyber Security Awareness Month - Day 12 PCI DSS |
2012-10-11 | Rob VandenBrink | Cyber Security Awareness Month - Day 11 - Vendor Agnostic Standards (Center for Internet Security) |
2012-10-09 | Johannes Ullrich | Cyber Security Awreness Month - Day 9 - Request for Comment (RFC) |
2012-05-18 | Johannes Ullrich | ZTE Score M Android Phone backdoor |
2012-04-23 | Russ McRee | Emergency Operations Centers & Security Incident Management: A Correlation |
2012-03-03 | Jim Clausing | New automated sandbox for Android malware |
2011-11-03 | Richard Porter | An Apple, Inc. Sandbox to play in. |
2011-11-01 | Russ McRee | Honeynet Project: Android Reverse Engineering (A.R.E.) Virtual Machine released |
2011-10-29 | Richard Porter | The Sub Critical Control? Evidence Collection |
2011-09-15 | Johannes Ullrich | SSH Vandals? |
2011-09-07 | Lenny Zeltser | Analyzing Mobile Device Malware - Honeynet Forensic Challenge 9 and Some Tools |
2011-05-18 | Bojan Zdrnja | Android, HTTP and authentication tokens |
2011-03-22 | Chris Mohan | Read only USB stick trick |
2011-03-03 | Manuel Humberto Santander Pelaez | Rogue apps inside Android Marketplace |
2011-01-08 | Guy Bruneau | PandaLabs 2010 Annual Report |
2010-12-31 | Bojan Zdrnja | Android malware enters 2011 |
2010-11-19 | Jason Lam | Adobe Reader X - Sandbox |
2010-10-19 | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - VPN and Remote Access Tools |
2010-08-04 | Tom Liston | Incident Reporting - Liston's "How-To" Guide |
2010-07-25 | Rick Wanner | Updated version of Mandiant's Web Historian |
2010-07-21 | Adrien de Beaupre | Adobe Reader Protected Mode |
2010-02-07 | Rick Wanner | Mandiant Mtrends Report |
2010-02-06 | Guy Bruneau | LANDesk Management Gateway Vulnerability |
2010-01-27 | Raul Siles | Command Line Kung Fu |
2010-01-21 | Chris Carboni | * Microsoft Out Of Band Patch Release |
2010-01-11 | Johannes Ullrich | Fake Android Application |
2009-07-24 | Rick Wanner | Microsoft Out of Band Patch |
2009-06-11 | Rick Wanner | WHO Declares Flu A(H1N1) a Pandemic |
2009-05-19 | Rick Wanner | New Version of Mandiant Highlighter |
2009-05-01 | Adrien de Beaupre | Incident Management |
2009-04-26 | Johannes Ullrich | Pandemic Preparation - Swine Flu |
2009-04-16 | Adrien de Beaupre | Incident Response vs. Incident Handling |
2009-04-07 | Johannes Ullrich | Common Apache Misconception |
2009-02-05 | Rick Wanner | Mandiant Memoryze review, Hilighter, other Mandiant tools! |
2008-11-25 | Andre Ludwig | Tmobile G1 handsets having DNS problems? |
2008-10-29 | Deborah Hale | Day 29 - Should I Switch Software Vendors? |
2008-10-23 | Mark Hofman | Microsoft out-of-band patch - Severity Critical |
2008-09-09 | Swa Frantzen | wordpress upgrade |
2008-08-09 | Deborah Hale | Cleveland Outage |
TECHNIQUES |
2014-08-12 | Adrien de Beaupre | Host discovery with nmap |