Internet Storm Center
Date | Author | Title
2024-02-03 | Guy Bruneau | DShield Sensor Log Collection with Elasticsearch
2023-12-31 | Tom Webb | Pi-Hole Pi4 Docker Deployment
2023-11-27 | Guy Bruneau | Decoding the Patterns: Analyzing DShield Honeypot Activity [Guest Diary]
2023-11-22 | Guy Bruneau | CVE-2023-1389: A New Means to Expand Botnets
2023-10-09 | Didier Stevens | ZIP's DOSTIME & DOSDATE Formats
2023-08-12 | Guy Bruneau | DShield Sensor Monitoring with a Docker ELK Stack [Guest Diary]
2023-07-23 | Guy Bruneau | Install & Configure Filebeat on Raspberry Pi ARM64 to Parse DShield Sensor Logs
2023-06-11 | Guy Bruneau | DShield Honeypot Activity for May 2023
2023-05-28 | Guy Bruneau | We Can no Longer Ignore the Cost of Cybersecurity
2023-01-21 | Guy Bruneau | DShield Sensor JSON Log to Elasticsearch
2022-10-04 | Johannes Ullrich | Credential Harvesting with Telegram API
2022-08-22 | Xavier Mertens | 32 or 64 bits Malware?
2021-09-11 | Guy Bruneau | Shipping to Elasticsearch Microsoft DNS Logs
2021-04-10 | Guy Bruneau | Building an IDS Sensor with Suricata & Zeek with Logs to ELK
2021-02-13 | Guy Bruneau | Using Logstash to Parse IPtables Firewall Logs
2021-01-30 | Guy Bruneau | PacketSifter as Network Parsing and Telemetry Tool
2021-01-02 | Guy Bruneau | Protecting Home Office and Enterprise in 2021
2020-12-19 | Guy Bruneau | Secure Communication using TLS in Elasticsearch
2020-08-10 | Bojan Zdrnja | Scoping web application and web service penetration tests
2020-08-01 | Jan Kopriva | What pages do bad bots look for?
2020-05-06 | Xavier Mertens | Keeping an Eye on Malicious Files Life Time
2020-04-16 | Johannes Ullrich | Using AppLocker to Prevent Living off the Land Attacks
2020-03-02 | Jan Kopriva | Secure vs. cleartext protocols - couple of interesting stats
2018-12-16 | Guy Bruneau | Random Port Scan for Open RDP Backdoor
2018-11-30 | Remco Verhoef | CoinMiners searching for hosts
2018-10-01 | Didier Stevens | Decoding Custom Substitution Encodings with translate.py
2018-07-02 | Guy Bruneau | Hello Peppa! - PHP Scans
2018-02-25 | Guy Bruneau | Blackhole Advertising Sites with Pi-hole
2017-11-17 | Xavier Mertens | Top-100 Malicious IP STIX Feed
2017-10-02 | Xavier Mertens | Investigating Security Incidents with Passive DNS
2017-09-06 | Adrien de Beaupre | Modern Web Application Penetration Testing , Hash Length Extension Attacks
2017-05-16 | Russ McRee | WannaCry? Do your own data analysis.
2017-05-13 | Guy Bruneau | Has anyone Tested WannaCry Killswitch? - https://blog.didierstevens.com/2017/05/13/quickpost-wcry-killswitch-check-is-not-proxy-aware/
2016-09-04 | Russ McRee | Kali Linux 2016.2 Release: https://www.kali.org/news/kali-linux-20162-release/
2016-01-20 | Xavier Mertens | /tmp, %TEMP%, ~/Desktop, T:\, ... A goldmine for pentesters!
2015-11-09 | John Bambenek | ICYMI: Widespread Unserialize Vulnerability in Java
2014-08-09 | Adrien de Beaupre | Complete application ownage via Multi-POST XSRF
2014-08-04 | Russ McRee | Threats & Indicators: A Security Intelligence Lifecycle
2013-10-04 | Pedro Bueno | CSAM: WebHosting BruteForce logs
2011-10-26 | Rick Wanner | Critical Control 17:Penetration Tests and Red Team Exercises
2011-08-26 | Daniel Wesemann | User Agent 007
2011-01-24 | Rob VandenBrink | Where have all the COM Ports Gone? - How enumerating COM ports led to me finding a “misplaced” Microsoft tool
2010-12-15 | Manuel Humberto Santander Pelaez | Vulnerability in the PDF distiller of the BlackBerry Attachment Service
2010-08-23 | Manuel Humberto Santander Pelaez | Firefox plugins to perform penetration testing activities
2010-08-16 | Raul Siles | Blind Elephant: A New Web Application Fingerprinting Tool
2010-08-13 | Guy Bruneau | Shadowserver Binary Whitelisting Service
2010-06-27 | Manuel Humberto Santander Pelaez | Study of clickjacking vulerabilities on popular sites
2010-06-06 | Manuel Humberto Santander Pelaez | Nice OS X exploit tutorial
2010-05-04 | Rick Wanner | SIFT review in the ISSA Toolsmith
2010-04-13 | Adrien de Beaupre | Web App Testing Tools
2009-10-20 | Raul Siles | WASC 2008 Statistics
2009-08-18 | Deborah Hale | Website compromises - what's happening?
2009-07-27 | Raul Siles | New Hacker Challenge: Prison Break - Breaking, Entering & Decoding
2009-07-12 | Mari Nichols | CA Apologizes for False Positive
2009-06-11 | Rick Wanner | MIR-ROR Motile Incident Response - Respond Objectively Remediate
2009-04-21 | Bojan Zdrnja | Web application vulnerabilities
2009-02-06 | Adrien de Beaupre | Fake stimulus payments
2009-01-25 | Rick Wanner | Twam?? Twammers?
2008-09-22 | Jim Clausing | Lessons learned from the Palin (and other) account hijacks
2008-09-20 | Rick Wanner | New (to me) nmap Features
2008-09-08 | Raul Siles | Quick Analysis of the 2007 Web Application Security Statistics
2008-05-23 | Mike Poor | Cisco IOS Rootkit thoughts