Threat Level: green Handler on Duty: Russ McRee

SANS ISC: Diaries by Keyword Diaries by Keyword

Special Webcast: What you need to know about the crypt32.dll vulnerability. Register Now

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title

RED TEAM

2019-11-29Russ McReeISC Snapshot: Search with SauronEye
2019-08-21Russ McReeKAPE: Kroll Artifact Parser and Extractor
2019-07-16Russ McReeCommando VM: The Complete Mandiant Offensive VM
2019-04-05Russ McReeBeagle: Graph transforms for DFIR data & logs
2018-10-17Russ McReeRedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence

RED

2019-11-29/a>Russ McReeISC Snapshot: Search with SauronEye
2019-11-09/a>Guy BruneauFake Netflix Update Request by Text
2019-11-08/a>Xavier MertensMicrosoft Apps Diverted from Their Main Use
2019-08-28/a>Johannes Ullrich[Guest Diary] Open Redirect: A Small But Very Common Vulnerability
2019-08-21/a>Russ McReeKAPE: Kroll Artifact Parser and Extractor
2019-07-16/a>Russ McReeCommando VM: The Complete Mandiant Offensive VM
2019-04-05/a>Russ McReeBeagle: Graph transforms for DFIR data & logs
2018-10-17/a>Russ McReeRedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2017-12-27/a>Guy BruneauWhat are your Security Challenges for 2018?
2016-09-09/a>Xavier MertensCollecting Users Credentials from Locked Devices
2016-06-29/a>Xavier MertensPhishing Campaign with Blurred Images
2016-01-05/a>Guy BruneauWhat are you Concerned the Most in 2016?
2015-05-23/a>Guy BruneauBusiness Value in "Big Data"
2015-03-18/a>Daniel WesemannPass the hash!
2015-01-31/a>Guy BruneauBeware of Phishing and Spam Super Bowl Fans!
2014-11-24/a>Richard PorterSomeone is using this? PoS: Compressor
2014-09-12/a>Chris MohanAre credential dumps worth reviewing?
2014-07-03/a>Johannes UllrichCredit Card Processing in 700 Words or Less
2014-06-13/a>Richard PorterA welcomed response, PF Chang's
2013-12-19/a>Rob VandenBrinkTarget US - Credit Card Data Breach
2013-09-23/a>Rob VandenBrinkHow do you spell "PSK"?
2013-07-12/a>Johannes UllrichDNS resolution is failing for Microsofts Teredo server (teredo.ipv6.microsoft.com)
2013-07-12/a>Johannes UllrichMicrosoft Teredo Server "Sunset"
2013-03-09/a>Guy BruneauIPv6 Focus Month: IPv6 Encapsulation - Protocol 41
2013-02-21/a>Pedro BuenoNBC site redirecting to Exploit kit
2011-05-03/a>Johannes UllrichAnalyzing Teredo with tshark and Wireshark
2011-01-03/a>Johannes UllrichWhat Will Matter in 2011
2010-07-24/a>Manuel Humberto Santander PelaezTransmiting logon information unsecured in the network
2010-06-15/a>Manuel Humberto Santander PelaezMastercard delivering cards with OTP device included
2010-04-22/a>John BambenekData Redaction: You're Doing it Wrong
2010-02-16/a>Jim ClausingTeredo request for packets
2010-02-16/a>Johannes UllrichTeredo "stray packet" analysis
2009-07-28/a>Adrien de BeaupreYYAMCCBA
2009-05-18/a>Rick WannerJSRedir-R/Gumblar badness

TEAM

2019-11-29/a>Russ McReeISC Snapshot: Search with SauronEye
2019-11-08/a>Xavier MertensMicrosoft Apps Diverted from Their Main Use
2019-10-06/a>Russ McReevisNetwork for Network Data
2019-08-21/a>Russ McReeKAPE: Kroll Artifact Parser and Extractor
2019-07-16/a>Russ McReeCommando VM: The Complete Mandiant Offensive VM
2019-04-05/a>Russ McReeBeagle: Graph transforms for DFIR data & logs
2019-02-05/a>Rob VandenBrinkMitigations against Mimikatz Style Attacks
2018-10-17/a>Russ McReeRedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2018-06-16/a>Russ McReeAnomaly Detection & Threat Hunting with Anomalize
2012-04-23/a>Russ McReeEmergency Operations Centers & Security Incident Management: A Correlation
2011-03-25/a>Kevin ListonAPT Tabletop Exercise
2010-01-22/a>Mari NicholsPass-down for a Successful Incident Response
2010-01-14/a>Bojan ZdrnjaDRG (Dragon Research Group) Distro available for general release
2009-03-22/a>Mari NicholsDealing with Security Challenges