Internet Storm Center
Sign In
Sign Up
Handler on Duty:
Didier Stevens
Threat Level:
green
Date
Author
Title
BLUE TEAM
2023-07-01
Russ McRee
Sandfly Security
2023-05-09
Russ McRee
Exploratory Data Analysis with CISSM Cyber Attacks Database - Part 2
2022-09-19
Russ McRee
Chainsaw: Hunt, search, and extract event log records
2022-06-10
Russ McRee
EPSScall: An Exploit Prediction Scoring System App
2021-12-28
Russ McRee
LotL Classifier tests for shells, exfil, and miners
2021-03-02
Russ McRee
Adversary Simulation with Sim
2021-01-19
Russ McRee
Gordon for fast cyber reputation checks
2020-08-12
Russ McRee
To the Brim at the Gates of Mordor Pt. 1
2020-04-21
Russ McRee
SpectX: Log Parser for DFIR
2020-01-21
Russ McRee
DeepBlueCLI: Powershell Threat Hunting
2019-10-06
Russ McRee
visNetwork for Network Data
2019-08-21
Russ McRee
KAPE: Kroll Artifact Parser and Extractor
2019-04-05
Russ McRee
Beagle: Graph transforms for DFIR data & logs
2019-02-05
Rob VandenBrink
Mitigations against Mimikatz Style Attacks
2018-10-17
Russ McRee
RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2018-06-16
Russ McRee
Anomaly Detection & Threat Hunting with Anomalize
BLUE
2023-07-01/a>
Russ McRee
Sandfly Security
2023-05-09/a>
Russ McRee
Exploratory Data Analysis with CISSM Cyber Attacks Database - Part 2
2023-02-07/a>
Yee Ching Tok
A Survey of Bluetooth Vulnerabilities Trends (2023 Edition)
2022-09-19/a>
Russ McRee
Chainsaw: Hunt, search, and extract event log records
2022-07-05/a>
Jan Kopriva
EternalBlue 5 years after WannaCry and NotPetya
2022-06-10/a>
Russ McRee
EPSScall: An Exploit Prediction Scoring System App
2021-12-28/a>
Russ McRee
LotL Classifier tests for shells, exfil, and miners
2021-11-01/a>
Yee Ching Tok
Revisiting BrakTooth: Two Months Later
2021-08-31/a>
Yee Ching Tok
BrakTooth: Impacts, Implications and Next Steps
2021-03-06/a>
Xavier Mertens
Spotting the Red Team on VirusTotal!
2021-03-02/a>
Russ McRee
Adversary Simulation with Sim
2021-01-19/a>
Russ McRee
Gordon for fast cyber reputation checks
2020-11-16/a>
Jan Kopriva
Heartbleed, BlueKeep and other vulnerabilities that didn't disappear just because we don't talk about them anymore
2020-10-23/a>
Russ McRee
Sooty: SOC Analyst's All-in-One Tool
2020-08-12/a>
Russ McRee
To the Brim at the Gates of Mordor Pt. 1
2020-06-30/a>
Russ McRee
ISC Snapshot: SpectX IP Hitcount Query
2020-04-21/a>
Russ McRee
SpectX: Log Parser for DFIR
2020-02-27/a>
Xavier Mertens
Offensive Tools Are For Blue Teams Too
2020-01-21/a>
Russ McRee
DeepBlueCLI: Powershell Threat Hunting
2019-11-10/a>
Jan Kopriva
Did the recent malicious BlueKeep campaign have any positive impact when it comes to patching?
2019-11-08/a>
Xavier Mertens
Microsoft Apps Diverted from Their Main Use
2019-11-05/a>
Rick Wanner
Bluekeep exploitation causing Bluekeep vulnerability scan to fail
2019-10-06/a>
Russ McRee
visNetwork for Network Data
2019-08-21/a>
Russ McRee
KAPE: Kroll Artifact Parser and Extractor
2019-08-05/a>
Rick Wanner
Scanning for Bluekeep vulnerable RDP instances
2019-05-22/a>
Johannes Ullrich
An Update on the Microsoft Windows RDP "Bluekeep" Vulnerability (CVE-2019-0708) [now with pcaps]
2019-04-05/a>
Russ McRee
Beagle: Graph transforms for DFIR data & logs
2019-02-05/a>
Rob VandenBrink
Mitigations against Mimikatz Style Attacks
2018-10-17/a>
Russ McRee
RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2018-06-16/a>
Russ McRee
Anomaly Detection & Threat Hunting with Anomalize
2017-07-01/a>
Rick Wanner
Using nmap to scan for MS17-010 (CVE-2017-0143 EternalBlue)
2010-02-11/a>
Johannes Ullrich
MS10-015 may cause Windows XP to blue screen
TEAM
2024-11-07/a>
Xavier Mertens
Steam Account Checker Poisoned with Infostealer
2023-07-01/a>
Russ McRee
Sandfly Security
2023-05-09/a>
Russ McRee
Exploratory Data Analysis with CISSM Cyber Attacks Database - Part 2
2022-09-23/a>
Xavier Mertens
Kids Like Cookies, Malware Too!
2022-09-19/a>
Russ McRee
Chainsaw: Hunt, search, and extract event log records
2022-06-10/a>
Russ McRee
EPSScall: An Exploit Prediction Scoring System App
2021-12-28/a>
Russ McRee
LotL Classifier tests for shells, exfil, and miners
2021-03-06/a>
Xavier Mertens
Spotting the Red Team on VirusTotal!
2021-03-02/a>
Russ McRee
Adversary Simulation with Sim
2021-01-19/a>
Russ McRee
Gordon for fast cyber reputation checks
2020-10-23/a>
Russ McRee
Sooty: SOC Analyst's All-in-One Tool
2020-08-12/a>
Russ McRee
To the Brim at the Gates of Mordor Pt. 1
2020-06-30/a>
Russ McRee
ISC Snapshot: SpectX IP Hitcount Query
2020-04-21/a>
Russ McRee
SpectX: Log Parser for DFIR
2020-02-27/a>
Xavier Mertens
Offensive Tools Are For Blue Teams Too
2020-01-21/a>
Russ McRee
DeepBlueCLI: Powershell Threat Hunting
2019-11-29/a>
Russ McRee
ISC Snapshot: Search with SauronEye
2019-11-08/a>
Xavier Mertens
Microsoft Apps Diverted from Their Main Use
2019-10-06/a>
Russ McRee
visNetwork for Network Data
2019-08-21/a>
Russ McRee
KAPE: Kroll Artifact Parser and Extractor
2019-07-16/a>
Russ McRee
Commando VM: The Complete Mandiant Offensive VM
2019-04-05/a>
Russ McRee
Beagle: Graph transforms for DFIR data & logs
2019-02-05/a>
Rob VandenBrink
Mitigations against Mimikatz Style Attacks
2018-10-17/a>
Russ McRee
RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2018-06-16/a>
Russ McRee
Anomaly Detection & Threat Hunting with Anomalize
2012-04-23/a>
Russ McRee
Emergency Operations Centers & Security Incident Management: A Correlation
2011-03-25/a>
Kevin Liston
APT Tabletop Exercise
2010-01-22/a>
Mari Nichols
Pass-down for a Successful Incident Response
2010-01-14/a>
Bojan Zdrnja
DRG (Dragon Research Group) Distro available for general release
2009-03-22/a>
Mari Nichols
Dealing with Security Challenges
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Follow the Internet Storm Center on
Twitter
