Internet Storm Center
Handler on Duty: Didier Stevens
Threat Level: green
| Date | Author | Title |
|---|---|---|
| 2023-01-26 | Tom Webb | Live Linux IR with UAC |
| 2022-09-19 | Russ McRee | Chainsaw: Hunt, search, and extract event log records |
| 2022-06-10 | Russ McRee | EPSScall: An Exploit Prediction Scoring System App |
| 2022-06-02 | Johannes Ullrich | Quick Answers in Incident Response: RECmd.exe |
| 2021-12-28 | Russ McRee | LotL Classifier tests for shells, exfil, and miners |
| 2021-12-06 | Xavier Mertens | The Importance of Out-of-Band Networks |
| 2021-03-02 | Russ McRee | Adversary Simulation with Sim |
| 2021-01-19 | Russ McRee | Gordon for fast cyber reputation checks |
| 2020-10-23 | Russ McRee | Sooty: SOC Analyst's All-in-One Tool |
| 2020-08-12 | Russ McRee | To the Brim at the Gates of Mordor Pt. 1 |
| 2020-06-30 | Russ McRee | ISC Snapshot: SpectX IP Hitcount Query |
| 2020-04-21 | Russ McRee | SpectX: Log Parser for DFIR |
| 2020-01-21 | Russ McRee | DeepBlueCLI: Powershell Threat Hunting |
| 2019-10-06 | Russ McRee | visNetwork for Network Data |
| 2019-06-04 | Russ McRee | ISC snapshot: r-cyber with rud.is |
| 2019-04-05 | Russ McRee | Beagle: Graph transforms for DFIR data & logs |
| 2018-12-19 | Xavier Mertens | Using OSSEC Active-Response as a DFIR Framework |
| 2018-11-11 | Pasquale Stirparo | Community contribution: joining forces or multiply solutions? |
| 2018-11-04 | Pasquale Stirparo | Beyond good ol' LaunchAgent - part 1 |
| 2018-08-26 | Didier Stevens | "When was this machine infected?" |
| 2018-06-16 | Russ McRee | Anomaly Detection & Threat Hunting with Anomalize |
| 2017-12-14 | Russ McRee | Detection Lab: Visibility & Introspection for Defenders |
| 2017-09-28 | Xavier Mertens | The easy way to analyze huge amounts of PCAP data |
| 2017-07-09 | Russ McRee | Adversary hunting with SOF-ELK |
| 2016-11-20 | Pasquale Stirparo | How many “Epoch” times? Epocalypse.py timestamp converter |
| 2016-10-31 | Russ McRee | SEC505 DFIR capture script: snapshot.ps1 |
| 2015-08-17 | Russ McRee | Tool Tip: Kansa Stafford released, PowerShell for DFIR |