Internet Storm Center
Handler on Duty: Didier Stevens
Threat Level: green
Date | Author | Title
2024-09-18 | Xavier Mertens | Python Infostealer Patching Windows Exodus App
2024-09-17 | Xavier Mertens | 23:59, Time to Exfiltrate!
2024-09-16 | Xavier Mertens | Managing PE Files With Overlays
2024-09-13 | Jesse La Grew | Finding Honeypot Data Clusters Using DBSCAN: Part 2
2024-09-11 | Xavier Mertens | Python Libraries Used for Malicious Purposes
2024-08-30 | Jesse La Grew | Simulating Traffic With Scapy
2024-08-29 | Xavier Mertens | Live Patching DLLs with Python
2024-08-27 | Xavier Mertens | Why Is Python so Popular to Infect Windows Hosts?
2024-08-26 | Xavier Mertens | From Highly Obfuscated Batch File to XWorm and Redline
2024-08-23 | Jesse La Grew | Pandas Errors: What encoding are my logs in?
2024-08-19 | Xavier Mertens | Do you Like Donuts? Here is a Donut Shellcode Delivered Through PowerShell/Python
2024-08-16 | Jesse La Grew | [Guest Diary] 7 minutes and 4 steps to a quick win: A write-up on custom tools
2024-07-26 | Xavier Mertens | ExelaStealer Delivered "From Russia With Love"
2024-07-24 | Xavier Mertens | "Mouse Logger" Malicious Python Script
2024-07-10 | Jesse La Grew | Finding Honeypot Data Clusters Using DBSCAN: Part 1
2024-06-06 | Xavier Mertens | Malicious Python Script with a "Best Before" Date
2024-05-31 | Xavier Mertens | "K1w1" InfoStealer Uses gofile.io for Exfiltration
2024-05-30 | Xavier Mertens | Feeding MISP with OSSEC
2024-03-13 | Xavier Mertens | Using ChatGPT to Deobfuscate Malicious Scripts
2024-02-20 | Xavier Mertens | Python InfoStealer With Dynamic Sandbox Detection
2024-02-08 | Xavier Mertens | A Python MP3 Player with Builtin Keylogger Capability
2024-01-25 | Xavier Mertens | Facebook AdsManager Targeted by a Python Infostealer
2024-01-19 | Xavier Mertens | macOS Python Script Replacing Wallet Applications with Rogue Apps
2024-01-17 | Jesse La Grew | Number Usage in Passwords
2024-01-08 | Jesse La Grew | What is that User Agent?
2023-12-23 | Xavier Mertens | Python Keylogger Using Mailtrap.io
2023-12-22 | Xavier Mertens | Shall We Play a Game?
2023-12-16 | Xavier Mertens | An Example of RocketMQ Exploit Scanner
2023-11-20 | Jesse La Grew | Overflowing Web Honeypot Logs
2023-10-31 | Xavier Mertens | Multiple Layers of Anti-Sandboxing Techniques
2023-09-30 | Xavier Mertens | Simple Netcat Backdoor in Python Script
2023-08-25 | Xavier Mertens | Python Malware Using Postgresql for C2 Communications
2023-08-23 | Guy Bruneau | How I made a qwerty "keyboard walk" password generator with ChatGPT [Guest Diary]
2023-08-22 | Xavier Mertens | Have You Ever Heard of the Fernet Encryption Algorithm?
2023-08-17 | Jesse La Grew | Command Line Parsing - Are These Really Unique Strings?
2023-08-11 | Xavier Mertens | Show me All Your Windows!
2023-07-28 | Xavier Mertens | ShellCode Hidden with Steganography
2023-06-20 | Xavier Mertens | Malicious Code Can Be Anywhere
2023-04-28 | Xavier Mertens | Quick IOC Scan With Docker
2023-03-18 | Xavier Mertens | Old Backdoor, New Obfuscation
2023-03-11 | Xavier Mertens | Overview of a Mirai Payload Generator
2023-03-01 | Xavier Mertens | Python Infostealer Targeting Gamers
2023-02-09 | Xavier Mertens | A Backdoor with Smart Screenshot Capability
2022-11-14 | Jesse La Grew | Extracting 'HTTP CONNECT' Requests with Python
2022-10-24 | Xavier Mertens | C2 Communications Through outlook.com
2022-10-18 | Xavier Mertens | Python Obfuscation for Dummies
2022-09-26 | Xavier Mertens | Easy Python Sandbox Detection
2022-09-14 | Xavier Mertens | Easy Process Injection within Python
2022-08-19 | Johannes Ullrich | Windows Security Blocks UPX Compressed (packed) Binaries
2022-08-18 | Johannes Ullrich | Honeypot Attack Summaries with Python
2022-07-20 | Xavier Mertens | Malicious Python Script Behaving Like a Rubber Ducky
2022-06-24 | Xavier Mertens | Python (ab)using The Windows GUI
2022-05-24 | Yee Ching Tok | ctx Python Library Updated with "Extra" Features
2022-04-21 | Xavier Mertens | Multi-Cryptocurrency Clipboard Swapper
2022-01-20 | Xavier Mertens | RedLine Stealer Delivered Through FTP
2022-01-07 | Xavier Mertens | Custom Python RAT Builder
2022-01-06 | Xavier Mertens | Malicious Python Script Targeting Chinese People
2021-12-10 | Xavier Mertens | Python Shellcode Injection From JSON Data
2021-12-01 | Xavier Mertens | Info-Stealer Using webhook.site to Exfiltrate Data
2021-08-30 | Xavier Mertens | Cryptocurrency Clipboard Swapper Delivered With Love
2021-07-16 | Xavier Mertens | Multiple BaseXX Obfuscations
2021-07-08 | Xavier Mertens | Using Sudo with Python For More Security Controls
2021-07-06 | Xavier Mertens | Python DLL Injection Check
2021-07-02 | Xavier Mertens | "inception.py"... Multiple Base64 Encodings
2021-06-11 | Xavier Mertens | Keeping an Eye on Dangerous Python Modules
2021-05-31 | Rick Wanner | Quick and dirty Python: nmap
2021-05-04 | Rick Wanner | Quick and dirty Python: masscan
2021-04-29 | Xavier Mertens | From Python to .Net
2021-04-09 | Xavier Mertens | No Python Interpreter? This Simple RAT Installs Its Own Copy
2021-04-02 | Xavier Mertens | C2 Activity: Sandboxes or Real Victims?
2021-03-18 | Xavier Mertens | Simple Python Keylogger
2020-12-10 | Xavier Mertens | Python Backdoor Talking to a C2 Through Ngrok
2020-11-20 | Xavier Mertens | Malicious Python Code and LittleSnitch Detection
2020-11-09 | Xavier Mertens | How Attackers Brush Up Their Malicious Scripts
2020-10-20 | Xavier Mertens | Mirai-alike Python Scanner
2020-10-14 | Xavier Mertens | Nicely Obfuscated Python RAT
2020-09-18 | Xavier Mertens | A Mix of Python & VBA in a Malicious Word Document
2020-09-03 | Xavier Mertens | Sandbox Evasion Using NTP
2020-09-02 | Xavier Mertens | Python and Risky Windows API Calls
2020-08-18 | Xavier Mertens | Using API's to Track Attackers
2020-07-30 | Johannes Ullrich | Python Developers: Prepare!!!
2019-10-29 | Xavier Mertens | Generating PCAP Files from YAML
2018-11-26 | Russ McRee | ViperMonkey: VBA maldoc deobfuscation
2017-11-23 | Xavier Mertens | Proactive Malicious Domain Search
2017-10-05 | Johannes Ullrich | pcap2curl: Turning a pcap file into a set of cURL commands for "replay"
2017-08-22 | Xavier Mertens | Defang all the things!
2017-04-19 | Xavier Mertens | Hunting for Malicious Excel Sheets
2017-01-12 | Mark Baggett | System Resource Utilization Monitor
2017-01-01 | Didier Stevens | py2exe Decompiling - Part 1
2016-11-27 | Russ McRee | Scapy vs. CozyDuke
2016-07-25 | Didier Stevens | Python Malware - Part 4
2016-07-16 | Didier Stevens | Python Malware - Part 3
2016-05-15 | Didier Stevens | Python Malware - Part 1
2014-12-04 | Mark Baggett | Automating Incident data collection with Python
2011-02-21 | Adrien de Beaupre | What’s New, it's Python 3.2
2010-08-15 | Manuel Humberto Santander Pelaez | Python to test web application security
2010-06-14 | Manuel Humberto Santander Pelaez | Python on a microcontroller?
2010-03-30 | Marcus Sachs | Zigbee Analysis Tools
2010-02-17 | Rob VandenBrink | Multiple Security Updates for ESX 3.x and ESXi 3.x
2009-05-25 | Jim Clausing | More tools for (US) Memorial Day