HASH LENGTH EXTENSION ATTACK |
| 2017-09-06 | Adrien de Beaupre | Modern Web Application Penetration Testing , Hash Length Extension Attacks |
HASH |
| 2025-01-02/a> | Xavier Mertens | Goodware Hash Sets |
| 2021-06-19/a> | Xavier Mertens | Easy Access to the NIST RDS Database |
| 2021-04-24/a> | Guy Bruneau | Base64 Hashes Used in Web Scanning |
| 2021-04-19/a> | Jan Kopriva | Hunting phishing websites with favicon hashes |
| 2020-08-22/a> | Guy Bruneau | Remote Desktop (TCP/3389) and Telnet (TCP/23), What might they have in Common? |
| 2020-05-15/a> | Rob VandenBrink | Hashes in PowerShell |
| 2018-06-27/a> | Renato Marinho | Silently Profiling Unknown Malware Samples |
| 2017-09-19/a> | Jim Clausing | New tool: mac-robber.py |
| 2017-09-06/a> | Adrien de Beaupre | Modern Web Application Penetration Testing , Hash Length Extension Attacks |
| 2016-08-22/a> | Russ McRee | Red Team Tools Updates: hashcat and SpiderFoot |
| 2015-08-31/a> | Xavier Mertens | Detecting file changes on Microsoft systems with FCIV |
| 2015-03-18/a> | Daniel Wesemann | Pass the hash! |
| 2015-02-17/a> | Rob VandenBrink | oclHashcat 1.33 Released |
| 2015-02-10/a> | Mark Baggett | Detecting Mimikatz Use On Your Network |
| 2014-09-19/a> | Guy Bruneau | Added today in oclhashcat 131 Django [Default Auth] (PBKDF2 SHA256 Rounds Salt) Support - http://hashcat.net/hashcat/ |
| 2014-08-22/a> | Richard Porter | OCLHashCat 1.30 Released |
| 2013-12-10/a> | Rob VandenBrink | Those Look Just Like Hashes! |
| 2013-09-05/a> | Rob VandenBrink | Building Your Own GPU Enabled Private Cloud |
| 2013-08-22/a> | Russ McRee | Read of the Week: A Fuzzy Future in Malware Research |
| 2013-06-11/a> | Swa Frantzen | Store passwords the right way in your application |
| 2012-10-04/a> | Johannes Ullrich | Cyber Security Awareness Month - Day 4: Crypto Standards |
| 2012-04-02/a> | Johannes Ullrich | SHA 1-2-3 |
| 2011-06-28/a> | Johannes Ullrich | Hashing Passwords |
| 2010-02-25/a> | Chris Carboni | Pass The Hash |
| 2010-02-15/a> | Johannes Ullrich | New ISC Tool: Whitelist Hash Database |
| 2009-10-23/a> | Johannes Ullrich | Little new tool: reversing md5/sha1 hashes http://isc.sans.org/tools/reversehash.html |
LENGTH |
| 2017-09-06/a> | Adrien de Beaupre | Modern Web Application Penetration Testing , Hash Length Extension Attacks |
EXTENSION |
| 2022-06-22/a> | Xavier Mertens | Malicious PowerShell Targeting Cryptocurrency Browser Extensions |
| 2021-02-04/a> | Bojan Zdrnja | Abusing Google Chrome extension syncing for data exfiltration and C&C |
| 2021-01-22/a> | Xavier Mertens | Another File Extension to Block in your MTA: .jnlp |
| 2017-10-27/a> | Renato Marinho | "Catch-All" Google Chrome Malicious Extension Steals All Posted Data |
| 2017-10-24/a> | Xavier Mertens | Stop relying on file extensions |
| 2017-09-06/a> | Adrien de Beaupre | Modern Web Application Penetration Testing , Hash Length Extension Attacks |
| 2017-08-29/a> | Renato Marinho | Second Google Chrome Extension Banker Malware in Two Weeks |
| 2017-08-15/a> | Renato Marinho | (Banker(GoogleChromeExtension)).targeting("Brazil") |
| 2012-02-23/a> | donald smith | DNS-Changer "clean DNS" extension requested |
| 2011-08-14/a> | Guy Bruneau | FireCAT 2.0 Released |
ATTACK |
| 2024-01-08/a> | Jesse La Grew | What is that User Agent? |
| 2022-08-10/a> | Johannes Ullrich | And Here They Come Again: DNS Reflection Attacks |
| 2022-03-26/a> | Guy Bruneau | Is buying Cyber Insurance a Must Now? |
| 2022-02-03/a> | Johannes Ullrich | Keeping Track of Your Attack Surface for Cheap |
| 2021-02-01/a> | Rob VandenBrink | Taking a Shot at Reverse Shell Attacks, CNC Phone Home and Data Exfil from Servers |
| 2019-08-25/a> | Guy Bruneau | Are there any Advantages of Buying Cyber Security Insurance? |
| 2019-07-20/a> | Guy Bruneau | Re-evaluating Network Security - It is Increasingly More Complex |
| 2017-09-06/a> | Adrien de Beaupre | Modern Web Application Penetration Testing , Hash Length Extension Attacks |
| 2016-11-02/a> | Rob VandenBrink | What Does a Pentest Look Like? |
| 2016-06-03/a> | Tom Liston | MySQL is YourSQL |
| 2015-03-18/a> | Daniel Wesemann | Pass the hash! |
| 2015-02-19/a> | Daniel Wesemann | DNS-based DDoS |
| 2014-02-26/a> | Russ McRee | Ongoing NTP Amplification Attacks |
| 2014-02-17/a> | Chris Mohan | NTP reflection attacks continue |
| 2013-12-02/a> | Richard Porter | Reports of higher than normal SSH Attacks |
| 2013-08-19/a> | Guy Bruneau | Business Risks and Cyber Attacks |
| 2013-07-27/a> | Scott Fendley | Defending Against Web Server Denial of Service Attacks |
| 2013-07-13/a> | Lenny Zeltser | Decoy Personas for Safeguarding Online Identity Using Deception |
| 2012-10-05/a> | Richard Porter | Reports of a Distributed Injection Scan |
| 2011-12-28/a> | Daniel Wesemann | Hash collisions vulnerability in web servers |
| 2011-12-01/a> | Mark Hofman | SQL Injection Attack happening ATM |
| 2011-09-28/a> | Richard Porter | All Along the ARP Tower! |
| 2011-01-23/a> | Richard Porter | Crime is still Crime! |
| 2010-12-23/a> | Mark Hofman | White house greeting cards |
| 2010-08-16/a> | Raul Siles | DDOS: State of the Art |
| 2010-08-15/a> | Manuel Humberto Santander Pelaez | Obfuscated SQL Injection attacks |
| 2010-08-13/a> | Tom Liston | The Strange Case of Doctor Jekyll and Mr. ED |
| 2010-03-15/a> | Adrien de Beaupre | Spamassassin Milter Plugin Remote Root Attack |
| 2010-01-29/a> | Johannes Ullrich | Analyzing isc.sans.org weblogs, part 2, RFI attacks |
| 2009-11-11/a> | Rob VandenBrink | Layer 2 Network Protections against Man in the Middle Attacks |
| 2009-08-28/a> | Adrien de Beaupre | WPA with TKIP done |
| 2009-06-04/a> | Raul Siles | Targeted e-mail attacks asking to verify wire transfer details |
| 2009-04-20/a> | Jason Lam | Digital Content on TV |
| 2009-04-02/a> | Bojan Zdrnja | JavaScript insertion and log deletion attack tools |
| 2009-03-20/a> | donald smith | Stealthier then a MBR rootkit, more powerful then ring 0 control, it’s the soon to be developed SMM root kit. |
| 2009-02-25/a> | Swa Frantzen | Targeted link diversion attempts |
| 2009-01-30/a> | Mark Hofman | Request for info - Scan and webmail |
| 2009-01-18/a> | Maarten Van Horenbeeck | Targeted social engineering |
| 2008-12-03/a> | Andre Ludwig | New ISC Poll! Has your organization suffered a DDoS (Distributed Denial of Service) attack in the last year? |
| 2008-07-09/a> | Johannes Ullrich | Unpatched Word Vulnerability |
| 2008-05-26/a> | Marcus Sachs | Predictable Response |
| 2008-03-27/a> | Maarten Van Horenbeeck | Guarding the guardians: a story of PGP key ring theft |
