Internet Storm Center
Sign In
Sign Up
SANS Network Security: Las Vegas Sept 4-9.
Handler on Duty:
Xavier Mertens
Threat Level:
green
Date
Author
Title
2024-05-08
Xavier Mertens
Analyzing Synology Disks on Linux
2023-08-26
Xavier Mertens
macOS: Who?s Behind This Network Connection?
2023-05-26
Xavier Mertens
Using DFIR Techniques To Recover From Infrastructure Outages
2023-01-26
Tom Webb
Live Linux IR with UAC
2022-09-19
Russ McRee
Chainsaw: Hunt, search, and extract event log records
2022-06-10
Russ McRee
EPSScall: An Exploit Prediction Scoring System App
2022-06-02
Johannes Ullrich
Quick Answers in Incident Response: RECmd.exe
2021-12-28
Russ McRee
LotL Classifier tests for shells, exfil, and miners
2021-12-06
Xavier Mertens
The Importance of Out-of-Band Networks
2021-03-02
Russ McRee
Adversary Simulation with Sim
2021-01-19
Russ McRee
Gordon for fast cyber reputation checks
2020-10-23
Russ McRee
Sooty: SOC Analyst's All-in-One Tool
2020-08-12
Russ McRee
To the Brim at the Gates of Mordor Pt. 1
2020-06-30
Russ McRee
ISC Snapshot: SpectX IP Hitcount Query
2020-04-21
Russ McRee
SpectX: Log Parser for DFIR
2020-01-21
Russ McRee
DeepBlueCLI: Powershell Threat Hunting
2019-10-06
Russ McRee
visNetwork for Network Data
2019-06-04
Russ McRee
ISC snapshot: r-cyber with rud.is
2019-04-05
Russ McRee
Beagle: Graph transforms for DFIR data & logs
2018-12-19
Xavier Mertens
Using OSSEC Active-Response as a DFIR Framework
2018-11-11
Pasquale Stirparo
Community contribution: joining forces or multiply solutions?
2018-11-04
Pasquale Stirparo
Beyond good ol' LaunchAgent - part 1
2018-08-26
Didier Stevens
"When was this machine infected?"
2018-06-16
Russ McRee
Anomaly Detection & Threat Hunting with Anomalize
2017-12-14
Russ McRee
Detection Lab: Visibility & Introspection for Defenders
2017-09-28
Xavier Mertens
The easy way to analyze huge amounts of PCAP data
2017-07-09
Russ McRee
Adversary hunting with SOF-ELK
2016-11-20
Pasquale Stirparo
How many “Epoch” times? Epocalypse.py timestamp converter
2016-10-31
Russ McRee
SEC505 DFIR capture script: snapshot.ps1
2015-08-17
Russ McRee
Tool Tip: Kansa Stafford released, PowerShell for DFIR
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Subscribe to the Internet Storm Center
YouTube Channel