Diaries by Keyword - SANS Internet Storm Center

Handler on Duty: Didier Stevens

Threat Level: green

Date	Author	Title
2024-10-03	Guy Bruneau	Kickstart Your DShield Honeypot [Guest Diary]
2024-09-25	Guy Bruneau	OSINT - Image Analysis or More Where, When, and Metadata [Guest Diary]
2024-09-11	Guy Bruneau	Hygiene, Hygiene, Hygiene! [Guest Diary]
2024-09-04	Guy Bruneau	Attack Surface [Guest Diary]
2024-08-27	Guy Bruneau	Vega-Lite with Kibana to Parse and Display IP Activity over Time
2024-08-20	Guy Bruneau	Mapping Threats with DNSTwist and the Internet Storm Center [Guest Diary]
2024-08-07	Guy Bruneau	Same Scripts, Different Day: What My DShield Honeypot Taught Me About the Importance of Security Fundamentals [Guest Diary]
2024-07-16	Guy Bruneau	Who You Gonna Call? AndroxGh0st Busters! [Guest Diary]
2024-06-26	Guy Bruneau	What Setting Live Traps for Cybercriminals Taught Me About Security [Guest Diary]
2024-06-13	Guy Bruneau	The Art of JQ and Command-line Fu [Guest Diary]
2024-05-28	Guy Bruneau	Is that It? Finding the Unknown: Correlations Between Honeypot Logs & PCAPs [Guest Diary]
2024-05-22	Guy Bruneau	Analysis of ?redtail? File Uploads to ICS Honeypot, a Multi-Architecture Coin Miner [Guest Diary]
2024-04-07	Guy Bruneau	A Use Case for Adding Threat Hunting to Your Security Operations Team. Detecting Adversaries Abusing Legitimate Tools in A Customer Environment. [Guest Diary]
2022-12-20	Xavier Mertens	Linux File System Monitoring & Actions
2022-12-19	Xavier Mertens	Hunting for Mastodon Servers
2021-03-17	Xavier Mertens	Defenders, Know Your Operating System Like Attackers Do!
2020-08-24	Xavier Mertens	Tracking A Malware Campaign Through VT
2020-01-25	Guy Bruneau	Is Threat Hunting the new Fad?
2020-01-21	Russ McRee	DeepBlueCLI: Powershell Threat Hunting
2019-10-10	Rob VandenBrink	Mining Live Networks for OUI Data Oddness
2019-07-17	Xavier Mertens	Analyzis of DNS TXT Records
2019-03-27	Xavier Mertens	Running your Own Passive DNS Service
2018-11-20	Xavier Mertens	Querying DShield from Cortex
2018-10-17	Russ McRee	RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2018-09-20	Xavier Mertens	Hunting for Suspicious Processes with OSSEC
2018-08-10	Remco Verhoef	Hunting SSL/TLS clients using JA3
2018-06-21	Xavier Mertens	Are Your Hunting Rules Still Working?
2017-12-02	Xavier Mertens	Using Bad Material for the Good
2017-11-23	Xavier Mertens	Proactive Malicious Domain Search
2017-10-18	Renato Marinho	Baselining Servers to Detect Outliers
2017-09-02	Xavier Mertens	AutoIT based malware back in the wild
2017-03-15	Xavier Mertens	Retro Hunting!
2016-07-12	Xavier Mertens	Hunting for Malicious Files with MISP + OSSEC