2025-04-02 | Guy Bruneau | Exploring Statistical Measures to Predict URLs as Legitimate or Intrusive [Guest Diary] |
2025-02-20 | Guy Bruneau | Using ES|QL in Kibana to Queries DShield Honeypot Logs |
2024-02-03 | Guy Bruneau | DShield Sensor Log Collection with Elasticsearch |
2023-12-31 | Tom Webb | Pi-Hole Pi4 Docker Deployment |
2023-11-27 | Guy Bruneau | Decoding the Patterns: Analyzing DShield Honeypot Activity [Guest Diary] |
2023-11-22 | Guy Bruneau | CVE-2023-1389: A New Means to Expand Botnets |
2023-10-09 | Didier Stevens | ZIP's DOSTIME & DOSDATE Formats |
2023-08-12 | Guy Bruneau | DShield Sensor Monitoring with a Docker ELK Stack [Guest Diary] |
2023-07-23 | Guy Bruneau | Install & Configure Filebeat on Raspberry Pi ARM64 to Parse DShield Sensor Logs |
2023-06-11 | Guy Bruneau | DShield Honeypot Activity for May 2023 |
2023-05-28 | Guy Bruneau | We Can no Longer Ignore the Cost of Cybersecurity |
2023-01-21 | Guy Bruneau | DShield Sensor JSON Log to Elasticsearch |
2022-10-04 | Johannes Ullrich | Credential Harvesting with Telegram API |
2022-08-22 | Xavier Mertens | 32 or 64 bits Malware? |
2021-09-11 | Guy Bruneau | Shipping to Elasticsearch Microsoft DNS Logs |
2021-04-10 | Guy Bruneau | Building an IDS Sensor with Suricata & Zeek with Logs to ELK |
2021-02-13 | Guy Bruneau | Using Logstash to Parse IPtables Firewall Logs |
2021-01-30 | Guy Bruneau | PacketSifter as Network Parsing and Telemetry Tool |
2021-01-02 | Guy Bruneau | Protecting Home Office and Enterprise in 2021 |
2020-12-19 | Guy Bruneau | Secure Communication using TLS in Elasticsearch |
2020-08-10 | Bojan Zdrnja | Scoping web application and web service penetration tests |
2020-08-01 | Jan Kopriva | What pages do bad bots look for? |
2020-05-06 | Xavier Mertens | Keeping an Eye on Malicious Files Life Time |
2020-04-16 | Johannes Ullrich | Using AppLocker to Prevent Living off the Land Attacks |
2020-03-02 | Jan Kopriva | Secure vs. cleartext protocols - couple of interesting stats |
2018-12-16 | Guy Bruneau | Random Port Scan for Open RDP Backdoor |
2018-11-30 | Remco Verhoef | CoinMiners searching for hosts |
2018-10-01 | Didier Stevens | Decoding Custom Substitution Encodings with translate.py |
2018-07-02 | Guy Bruneau | Hello Peppa! - PHP Scans |
2018-02-25 | Guy Bruneau | Blackhole Advertising Sites with Pi-hole |
2017-11-17 | Xavier Mertens | Top-100 Malicious IP STIX Feed |
2017-10-02 | Xavier Mertens | Investigating Security Incidents with Passive DNS |
2017-09-06 | Adrien de Beaupre | Modern Web Application Penetration Testing, Hash Length Extension Attacks |
2017-05-16 | Russ McRee | WannaCry? Do your own data analysis. |
2017-05-13 | Guy Bruneau | Has anyone Tested WannaCry Killswitch? - https://blog.didierstevens.com/2017/05/13/quickpost-wcry-killswitch-check-is-not-proxy-aware/ |
2016-09-04 | Russ McRee | Kali Linux 2016.2 Release: https://www.kali.org/news/kali-linux-20162-release/ |
2016-01-20 | Xavier Mertens | /tmp, %TEMP%, ~/Desktop, T:\, ... A goldmine for pentesters! |
2015-11-09 | John Bambenek | ICYMI: Widespread Unserialize Vulnerability in Java |
2014-08-09 | Adrien de Beaupre | Complete application ownage via Multi-POST XSRF |
2014-08-04 | Russ McRee | Threats & Indicators: A Security Intelligence Lifecycle |
2013-10-04 | Pedro Bueno | CSAM: WebHosting BruteForce logs |
2011-10-26 | Rick Wanner | Critical Control 17: Penetration Tests and Red Team Exercises |
2011-08-26 | Daniel Wesemann | User Agent 007 |
2011-01-24 | Rob VandenBrink | Where have all the COM Ports Gone? - How enumerating COM ports led to me finding a “misplaced” Microsoft tool |
2010-12-15 | Manuel Humberto Santander Pelaez | Vulnerability in the PDF distiller of the BlackBerry Attachment Service |
2010-08-23 | Manuel Humberto Santander Pelaez | Firefox plugins to perform penetration testing activities |
2010-08-16 | Raul Siles | Blind Elephant: A New Web Application Fingerprinting Tool |
2010-08-13 | Guy Bruneau | Shadowserver Binary Whitelisting Service |
2010-06-27 | Manuel Humberto Santander Pelaez | Study of clickjacking vulnerabilities on popular sites |
2010-06-06 | Manuel Humberto Santander Pelaez | Nice OS X exploit tutorial |
2010-05-04 | Rick Wanner | SIFT review in the ISSA Toolsmith |
2010-04-13 | Adrien de Beaupre | Web App Testing Tools |
2009-10-20 | Raul Siles | WASC 2008 Statistics |
2009-08-18 | Deborah Hale | Website compromises - what's happening? |
2009-07-27 | Raul Siles | New Hacker Challenge: Prison Break - Breaking, Entering & Decoding |
2009-07-12 | Mari Nichols | CA Apologizes for False Positive |
2009-06-11 | Rick Wanner | MIR-ROR Motile Incident Response - Respond Objectively Remediate |
2009-04-21 | Bojan Zdrnja | Web application vulnerabilities |
2009-02-06 | Adrien de Beaupre | Fake stimulus payments |
2009-01-25 | Rick Wanner | Twam?? Twammers? |
2008-09-22 | Jim Clausing | Lessons learned from the Palin (and other) account hijacks |
2008-09-20 | Rick Wanner | New (to me) nmap Features |
2008-09-08 | Raul Siles | Quick Analysis of the 2007 Web Application Security Statistics |
2008-05-23 | Mike Poor | Cisco IOS Rootkit thoughts |