LINUX TOOLS |
| 2023-07-24 | Rob VandenBrink | JQ: Another Tool We Thought We Knew |
| 2018-08-05 | Didier Stevens | Video: Maldoc analysis with standard Linux tools |
LINUX |
| 2025-01-18/a> | Jim Clausing | New tool: immutable.py |
| 2024-11-19/a> | Xavier Mertens | Detecting the Presence of a Debugger in Linux |
| 2024-10-09/a> | Xavier Mertens | From Perfctl to InfoStealer |
| 2024-07-08/a> | Xavier Mertens | Kunai: Keep an Eye on your Linux Hosts Activity |
| 2024-06-20/a> | Guy Bruneau | No Excuses, Free Tools to Help Secure Authentication in Ubuntu Linux [Guest Diary] |
| 2024-04-29/a> | Guy Bruneau | Linux Trojan - Xorddos with Filename eyshcjdmzg |
| 2023-07-24/a> | Rob VandenBrink | JQ: Another Tool We Thought We Knew |
| 2023-07-01/a> | Russ McRee | Sandfly Security |
| 2023-03-11/a> | Xavier Mertens | Overview of a Mirai Payload Generator |
| 2023-01-26/a> | Tom Webb | Live Linux IR with UAC |
| 2023-01-23/a> | Xavier Mertens | Who's Resolving This Domain? |
| 2022-12-20/a> | Xavier Mertens | Linux File System Monitoring & Actions |
| 2021-11-21/a> | Didier Stevens | Backdooring PAM |
| 2021-09-20/a> | Johannes Ullrich | #OMIGOD Exploits Captured in the Wild. Researchers responsible for half of scans for related ports. |
| 2020-07-19/a> | Guy Bruneau | Scanning Activity for ZeroShell Unauthenticated Access |
| 2020-07-11/a> | Guy Bruneau | Scanning Home Internet Facing Devices to Exploit |
| 2019-06-18/a> | Johannes Ullrich | What You Need To Know About TCP "SACK Panic" |
| 2018-10-26/a> | Xavier Mertens | Dissecting Malicious Office Documents with Linux |
| 2018-10-17/a> | Russ McRee | RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence |
| 2018-08-05/a> | Didier Stevens | Video: Maldoc analysis with standard Linux tools |
| 2017-10-18/a> | Renato Marinho | Baselining Servers to Detect Outliers |
| 2017-06-14/a> | Xavier Mertens | Systemd Could Fallback to Google DNS? |
| 2016-07-27/a> | Xavier Mertens | Analyze of a Linux botnet client source code |
| 2016-05-18/a> | Russ McRee | Resources: Windows Auditing & Monitoring, Linux 2FA |
| 2016-05-08/a> | Jim Clausing | Guest Diary: Linux Capabilities - A friend and foe |
| 2016-03-28/a> | Xavier Mertens | Improving Bash Forensics Capabilities |
| 2014-11-25/a> | Adrien de Beaupre | Less is, umm, less? |
| 2014-08-16/a> | Lenny Zeltser | Web Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability |
| 2014-03-07/a> | Tom Webb | Linux Memory Dump with Rekall |
| 2013-12-24/a> | Daniel Wesemann | Unfriendly crontab additions |
| 2013-05-14/a> | Swa Frantzen | CVE-2013-2094: Linux privilege escalation |
| 2011-08-31/a> | Johannes Ullrich | Kernel.org Compromise |
| 2011-07-31/a> | Daniel Wesemann | Anatomy of a Unix breach |
| 2011-06-01/a> | Johannes Ullrich | Enabling Privacy Enhanced Addresses for IPv6 |
| 2011-05-01/a> | Deborah Hale | Droid MarketPlace Has a New App |
| 2010-09-17/a> | Robert Danford | Circa 2007 Linux Kernel Vulnerability Resurfaces (Was CVE-2007-4573, Now CVE-2010-3301) |
| 2009-07-17/a> | Bojan Zdrnja | A new fascinating Linux kernel vulnerability |
| 2008-07-31/a> | Swa Frantzen | Linus - Linux and Security - follow-up |
| 2008-07-29/a> | Swa Frantzen | Linus - Linux and Security |
| 2008-06-10/a> | Swa Frantzen | Linux ASN.1 BER kernel buffer overflow |
| 2008-05-13/a> | Swa Frantzen | OpenSSH: Predictable PRNG in debian and ubuntu Linux |
TOOLS |
| 2025-03-04/a> | Jim Clausing | Tool update: mac-robber.py |
| 2025-02-24/a> | Jim Clausing | Unfurl v2025.02 released |
| 2025-02-17/a> | Russ McRee | ModelScan - Protection Against Model Serialization Attacks |
| 2025-01-18/a> | Jim Clausing | New tool: immutable.py |
| 2024-10-24/a> | Johannes Ullrich | Development Features Enabled in Prodcution |
| 2024-09-30/a> | Jim Clausing | Tool update: mac-robber.py and le-hex-to-ip.py |
| 2024-06-15/a> | Didier Stevens | Overview of My Tools That Handle JSON Data |
| 2023-07-24/a> | Rob VandenBrink | JQ: Another Tool We Thought We Knew |
| 2023-07-01/a> | Russ McRee | Sandfly Security |
| 2022-03-24/a> | Xavier Mertens | Malware Delivered Through Free Sharing Tool |
| 2021-10-08/a> | Rob VandenBrink | Sorting Things Out - Sorting Data by IP Address |
| 2020-06-11/a> | Xavier Mertens | Anti-Debugging JavaScript Techniques |
| 2019-05-10/a> | Xavier Mertens | DSSuite - A Docker Container with Didier's Tools |
| 2018-11-11/a> | Pasquale Stirparo | Community contribution: joining forces or multiply solutions? |
| 2018-10-10/a> | Xavier Mertens | "OG" Tools Remain Valuable |
| 2018-08-05/a> | Didier Stevens | Video: Maldoc analysis with standard Linux tools |
| 2018-07-30/a> | Xavier Mertens | Exploiting the Power of Curl |
| 2017-09-19/a> | Jim Clausing | New tool: mac-robber.py |
| 2017-01-12/a> | Mark Baggett | Some tools updates |
| 2017-01-12/a> | Mark Baggett | System Resource Utilization Monitor |
| 2017-01-07/a> | Xavier Mertens | Using Security Tools to Compromize a Network |
| 2016-02-06/a> | Jim Clausing | More updates to kippo-log2db |
| 2015-02-19/a> | Daniel Wesemann | Macros? Really?! |
| 2015-02-07/a> | Jim Clausing | Update to kippo-log2db.pl |
| 2014-11-05/a> | Russ McRee | Tool Tip: vFeed |
| 2014-09-14/a> | Jim Clausing | SSDEEP update |
| 2014-08-12/a> | Adrien de Beaupre | Host discovery with nmap |
| 2013-11-19/a> | Jim Clausing | Updated dumpdns.pl |
| 2013-06-18/a> | Russ McRee | EMET 4.0 is now available for download |
| 2013-06-05/a> | Richard Porter | Windows Sysinternals Updated http://technet.microsoft.com/en-us/sysinternals/default.aspx |
| 2013-05-11/a> | Lenny Zeltser | Extracting Digital Signatures from Signed Malware |
| 2013-02-03/a> | Lorna Hutcheson | Is it Really an Attack? |
| 2012-05-06/a> | Jim Clausing | Tool updates and Win 8 |
| 2011-08-22/a> | Jim Clausing | Are your tools ready for IPv6? (part 2) |
| 2011-08-04/a> | Jim Clausing | Are your tools ready for IPv6? (part 1) |
| 2010-12-30/a> | Rick Wanner | SamuraiWTF Review over at ISSA Toolsmith |
| 2010-12-09/a> | Mark Hofman | Having a look at the DDOS tool used in the attacks today |
| 2010-12-05/a> | Jim Clausing | Updates to a couple of Sysinternals tools |
| 2010-10-20/a> | Jim Clausing | Tools updates - Oct 2010 |
| 2010-10-19/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - Remote Access Tools |
| 2010-10-19/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - VPN and Remote Access Tools |
| 2010-08-09/a> | Jim Clausing | Free/inexpensive tools for monitoring systems/networks |
| 2010-07-13/a> | Jim Clausing | Forensic challenge results |
| 2010-05-28/a> | Jim Clausing | Wireshark SMB file extraction plug-in |
| 2010-03-30/a> | Marcus Sachs | Zigbee Analysis Tools |
| 2010-03-30/a> | Pedro Bueno | Sharing the Tools |
| 2010-01-19/a> | Jim Clausing | Forensic challenges |
| 2010-01-06/a> | Johannes Ullrich | New Tool: IPv6 conversions http://isc.sans.org/tools/ipv6.html |
| 2009-11-26/a> | Tony Carothers | What Are You Thankful For? |
| 2009-11-25/a> | Jim Clausing | Tool updates |
| 2009-09-24/a> | Jim Clausing | A couple more tools |
| 2009-05-25/a> | Jim Clausing | More tools for (US) Memorial Day |
| 2009-03-01/a> | Jim Clausing | Cool combination of tools |
| 2008-12-13/a> | Jim Clausing | Followup from last shift and some research to do. |
| 2008-11-17/a> | Jim Clausing | How are you coming with that IPv6 migration? |
| 2008-11-13/a> | Jim Clausing | Some recently updated tools |
| 2008-09-22/a> | Jim Clausing | More on tools/resources/blogs |
| 2008-09-07/a> | Lorna Hutcheson | Malware Analysis: Tools are only so good |
| 2008-07-11/a> | Jim Clausing | Updates to some of our favorite tools |
