Internet Storm Center
Date
Author
Title
LINUX TOOLS
2023-07-24
Rob VandenBrink
JQ: Another Tool We Thought We Knew
2018-08-05
Didier Stevens
Video: Maldoc analysis with standard Linux tools
LINUX
2024-10-09
Xavier Mertens
From Perfctl to InfoStealer
2024-07-08
Xavier Mertens
Kunai: Keep an Eye on your Linux Hosts Activity
2024-06-20
Guy Bruneau
No Excuses, Free Tools to Help Secure Authentication in Ubuntu Linux [Guest Diary]
2024-04-29
Guy Bruneau
Linux Trojan - Xorddos with Filename eyshcjdmzg
2023-07-24
Rob VandenBrink
JQ: Another Tool We Thought We Knew
2023-07-01
Russ McRee
Sandfly Security
2023-03-11
Xavier Mertens
Overview of a Mirai Payload Generator
2023-01-26
Tom Webb
Live Linux IR with UAC
2023-01-23
Xavier Mertens
Who's Resolving This Domain?
2022-12-20
Xavier Mertens
Linux File System Monitoring & Actions
2021-11-21
Didier Stevens
Backdooring PAM
2021-09-20
Johannes Ullrich
#OMIGOD Exploits Captured in the Wild. Researchers responsible for half of scans for related ports.
2020-07-19
Guy Bruneau
Scanning Activity for ZeroShell Unauthenticated Access
2020-07-11
Guy Bruneau
Scanning Home Internet Facing Devices to Exploit
2019-06-18
Johannes Ullrich
What You Need To Know About TCP "SACK Panic"
2018-10-26
Xavier Mertens
Dissecting Malicious Office Documents with Linux
2018-10-17
Russ McRee
RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2018-08-05
Didier Stevens
Video: Maldoc analysis with standard Linux tools
2017-10-18
Renato Marinho
Baselining Servers to Detect Outliers
2017-06-14
Xavier Mertens
Systemd Could Fallback to Google DNS?
2016-07-27
Xavier Mertens
Analyze of a Linux botnet client source code
2016-05-18
Russ McRee
Resources: Windows Auditing & Monitoring, Linux 2FA
2016-05-08
Jim Clausing
Guest Diary: Linux Capabilities - A friend and foe
2016-03-28
Xavier Mertens
Improving Bash Forensics Capabilities
2014-11-25
Adrien de Beaupre
Less is, umm, less?
2014-08-16
Lenny Zeltser
Web Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability
2014-03-07
Tom Webb
Linux Memory Dump with Rekall
2013-12-24
Daniel Wesemann
Unfriendly crontab additions
2013-05-14
Swa Frantzen
CVE-2013-2094: Linux privilege escalation
2011-08-31
Johannes Ullrich
Kernel.org Compromise
2011-07-31
Daniel Wesemann
Anatomy of a Unix breach
2011-06-01
Johannes Ullrich
Enabling Privacy Enhanced Addresses for IPv6
2011-05-01
Deborah Hale
Droid MarketPlace Has a New App
2010-09-17
Robert Danford
Circa 2007 Linux Kernel Vulnerability Resurfaces (Was CVE-2007-4573, Now CVE-2010-3301)
2009-07-17
Bojan Zdrnja
A new fascinating Linux kernel vulnerability
2008-07-31
Swa Frantzen
Linus - Linux and Security - follow-up
2008-07-29
Swa Frantzen
Linus - Linux and Security
2008-06-10
Swa Frantzen
Linux ASN.1 BER kernel buffer overflow
2008-05-13
Swa Frantzen
OpenSSH: Predictable PRNG in debian and ubuntu Linux
TOOLS
2024-09-30
Jim Clausing
Tool update: mac-robber.py and le-hex-to-ip.py
2024-06-15
Didier Stevens
Overview of My Tools That Handle JSON Data
2023-07-24
Rob VandenBrink
JQ: Another Tool We Thought We Knew
2023-07-01
Russ McRee
Sandfly Security
2022-03-24
Xavier Mertens
Malware Delivered Through Free Sharing Tool
2021-10-08
Rob VandenBrink
Sorting Things Out - Sorting Data by IP Address
2020-06-11
Xavier Mertens
Anti-Debugging JavaScript Techniques
2019-05-10
Xavier Mertens
DSSuite - A Docker Container with Didier's Tools
2018-11-11
Pasquale Stirparo
Community contribution: joining forces or multiply solutions?
2018-10-10
Xavier Mertens
"OG" Tools Remain Valuable
2018-08-05
Didier Stevens
Video: Maldoc analysis with standard Linux tools
2018-07-30
Xavier Mertens
Exploiting the Power of Curl
2017-09-19
Jim Clausing
New tool: mac-robber.py
2017-01-12
Mark Baggett
Some tools updates
2017-01-12
Mark Baggett
System Resource Utilization Monitor
2017-01-07
Xavier Mertens
Using Security Tools to Compromize a Network
2016-02-06
Jim Clausing
More updates to kippo-log2db
2015-02-19
Daniel Wesemann
Macros? Really?!
2015-02-07
Jim Clausing
Update to kippo-log2db.pl
2014-11-05
Russ McRee
Tool Tip: vFeed
2014-09-14
Jim Clausing
SSDEEP update
2014-08-12
Adrien de Beaupre
Host discovery with nmap
2013-11-19
Jim Clausing
Updated dumpdns.pl
2013-06-18
Russ McRee
EMET 4.0 is now available for download
2013-06-05
Richard Porter
Windows Sysinternals Updated http://technet.microsoft.com/en-us/sysinternals/default.aspx
2013-05-11
Lenny Zeltser
Extracting Digital Signatures from Signed Malware
2013-02-03
Lorna Hutcheson
Is it Really an Attack?
2012-05-06
Jim Clausing
Tool updates and Win 8
2011-08-22
Jim Clausing
Are your tools ready for IPv6? (part 2)
2011-08-04
Jim Clausing
Are your tools ready for IPv6? (part 1)
2010-12-30
Rick Wanner
SamuraiWTF Review over at ISSA Toolsmith
2010-12-09
Mark Hofman
Having a look at the DDOS tool used in the attacks today
2010-12-05
Jim Clausing
Updates to a couple of Sysinternals tools
2010-10-20
Jim Clausing
Tools updates - Oct 2010
2010-10-19
Rob VandenBrink
Cyber Security Awareness Month - Day 19 - Remote Access Tools
2010-10-19
Rob VandenBrink
Cyber Security Awareness Month - Day 19 - VPN and Remote Access Tools
2010-08-09
Jim Clausing
Free/inexpensive tools for monitoring systems/networks
2010-07-13
Jim Clausing
Forensic challenge results
2010-05-28
Jim Clausing
Wireshark SMB file extraction plug-in
2010-03-30
Marcus Sachs
Zigbee Analysis Tools
2010-03-30
Pedro Bueno
Sharing the Tools
2010-01-19
Jim Clausing
Forensic challenges
2010-01-06
Johannes Ullrich
New Tool: IPv6 conversions http://isc.sans.org/tools/ipv6.html
2009-11-26
Tony Carothers
What Are You Thankful For?
2009-11-25
Jim Clausing
Tool updates
2009-09-24
Jim Clausing
A couple more tools
2009-05-25
Jim Clausing
More tools for (US) Memorial Day
2009-03-01
Jim Clausing
Cool combination of tools
2008-12-13
Jim Clausing
Followup from last shift and some research to do.
2008-11-17
Jim Clausing
How are you coming with that IPv6 migration?
2008-11-13
Jim Clausing
Some recently updated tools
2008-09-22
Jim Clausing
More on tools/resources/blogs
2008-09-07
Lorna Hutcheson
Malware Analysis: Tools are only so good
2008-07-11
Jim Clausing
Updates to some of our favorite tools