Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Diaries by Keyword Diaries by Keyword

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title

KILL TOOL

2011-08-25Kevin ShorttRevival of an Unpatched Apache HTTPD DoS

KILL

2017-12-27/a>Guy BruneauWhat are your Security Challenges for 2018?
2017-05-13/a>Guy BruneauHas anyone Tested WannaCry Killswitch? - https://blog.didierstevens.com/2017/05/13/quickpost-wcry-killswitch-check-is-not-proxy-aware/
2016-11-23/a>Tom WebbMapping Attack Methodology to Controls
2016-01-05/a>Guy BruneauWhat are you Concerned the Most in 2016?
2011-08-30/a>Johannes UllrichApache patch out for "byte range" DoS vulnerability http://www.apache.org/dist/httpd/Announcement2.2.html
2011-08-25/a>Kevin ShorttRevival of an Unpatched Apache HTTPD DoS
2009-07-13/a>Adrien de BeaupreVulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution
2008-08-15/a>Jim ClausingAnother MS update that may have escaped notice
2008-07-07/a>Scott FendleyMicrosoft Snapshot Viewer Security Advisory
2006-09-30/a>Robert Danford*WebViewFolderIcon ActiveX control exploit(s) in the wild
2006-09-28/a>Tom ListonSetslice Killbit Apps

TOOL

2020-08-25/a>Xavier MertensKeep An Eye on LOLBins
2020-06-11/a>Xavier MertensAnti-Debugging JavaScript Techniques
2020-03-13/a>Rob VandenBrinkNot all Ethernet NICs are Created Equal - Trying to Capture Invalid Ethernet Frames
2020-02-27/a>Xavier MertensOffensive Tools Are For Blue Teams Too
2019-10-29/a>Xavier MertensGenerating PCAP Files from YAML
2019-05-10/a>Xavier MertensDSSuite - A Docker Container with Didier's Tools
2018-11-17/a>Xavier MertensQuickly Investigating Websites with Lookyloo
2018-11-11/a>Pasquale StirparoCommunity contribution: joining forces or multiply solutions?
2018-10-10/a>Xavier Mertens"OG" Tools Remain Valuable
2018-08-15/a>Xavier MertensTruncating Payloads and Anonymizing PCAP files
2018-08-05/a>Didier StevensVideo: Maldoc analysis with standard Linux tools
2018-07-30/a>Xavier MertensExploiting the Power of Curl
2018-01-26/a>Xavier MertensInvestigating Microsoft BITS Activity
2017-09-19/a>Jim ClausingNew tool: mac-robber.py
2017-05-26/a>Lorna HutchesonFile2pcap - A new tool for your toolkit!
2017-04-19/a>Xavier MertensHunting for Malicious Excel Sheets
2017-01-13/a>Xavier MertensWho's Attacking Me?
2017-01-12/a>Mark BaggettSome tools updates
2017-01-12/a>Mark BaggettSystem Resource Utilization Monitor
2017-01-07/a>Xavier MertensUsing Security Tools to Compromize a Network
2016-02-06/a>Jim ClausingMore updates to kippo-log2db
2015-08-31/a>Xavier MertensDetecting file changes on Microsoft systems with FCIV
2015-02-19/a>Daniel WesemannMacros? Really?!
2015-02-07/a>Jim ClausingUpdate to kippo-log2db.pl
2014-11-05/a>Russ McReeTool Tip: vFeed
2014-09-14/a>Jim ClausingSSDEEP update
2014-08-12/a>Adrien de BeaupreHost discovery with nmap
2014-08-06/a>Chris MohanFree Service to Help CryptoLocker Victims by FireEye and Fox-IT
2013-11-19/a>Jim ClausingUpdated dumpdns.pl
2013-10-22/a>Richard PorterGreenbone and OpenVAS Scanner
2013-09-02/a>Guy BruneauSnort IDS Sensor with Sguil New ISO Released
2013-06-18/a>Russ McReeEMET 4.0 is now available for download
2013-06-05/a>Richard PorterWindows Sysinternals Updated http://technet.microsoft.com/en-us/sysinternals/default.aspx
2013-05-11/a>Lenny ZeltserExtracting Digital Signatures from Signed Malware
2013-02-03/a>Lorna HutchesonIs it Really an Attack?
2012-12-03/a>John BambenekJohn McAfee Exposes His Location in Photo About His Being on Run
2012-05-06/a>Jim ClausingTool updates and Win 8
2011-08-25/a>Kevin ShorttRevival of an Unpatched Apache HTTPD DoS
2011-08-22/a>Jim ClausingAre your tools ready for IPv6? (part 2)
2011-08-04/a>Jim ClausingAre your tools ready for IPv6? (part 1)
2010-12-30/a>Rick WannerSamuraiWTF Review over at ISSA Toolsmith
2010-12-09/a>Mark HofmanHaving a look at the DDOS tool used in the attacks today
2010-12-05/a>Jim ClausingUpdates to a couple of Sysinternals tools
2010-10-20/a>Jim ClausingTools updates - Oct 2010
2010-10-19/a>Rob VandenBrinkCyber Security Awareness Month - Day 19 - Remote Access Tools
2010-10-19/a>Rob VandenBrinkCyber Security Awareness Month - Day 19 - VPN and Remote Access Tools
2010-08-09/a>Jim ClausingFree/inexpensive tools for monitoring systems/networks
2010-07-13/a>Jim ClausingForensic challenge results
2010-05-28/a>Jim ClausingWireshark SMB file extraction plug-in
2010-05-04/a>Rick WannerSIFT review in the ISSA Toolsmith
2010-03-30/a>Marcus SachsZigbee Analysis Tools
2010-03-30/a>Pedro BuenoSharing the Tools
2010-01-19/a>Jim ClausingForensic challenges
2010-01-06/a>Johannes UllrichNew Tool: IPv6 conversions http://isc.sans.org/tools/ipv6.html
2009-11-26/a>Tony CarothersWhat Are You Thankful For?
2009-11-25/a>Jim ClausingTool updates
2009-11-02/a>Rob VandenBrinkMicrosoft releases v1.02 of Enhanced Mitigation Evaluation Toolkit (EMET)
2009-09-24/a>Jim ClausingA couple more tools
2009-08-13/a>Jim ClausingTools for extracting files from pcaps
2009-05-25/a>Jim ClausingMore tools for (US) Memorial Day
2009-04-02/a>Bojan ZdrnjaJavaScript insertion and log deletion attack tools
2009-03-01/a>Jim ClausingCool combination of tools
2008-12-13/a>Jim ClausingFollowup from last shift and some research to do.
2008-11-17/a>Jim ClausingHow are you coming with that IPv6 migration?
2008-11-13/a>Jim ClausingSome recently updated tools
2008-09-22/a>Jim ClausingMore on tools/resources/blogs
2008-09-07/a>Lorna HutchesonMalware Analysis: Tools are only so good
2008-07-11/a>Jim ClausingUpdates to some of our favorite tools