SANS ISC: Diaries by Keyword

Date | Author | Title

LINUX TOOLS

2018-08-05 | Didier Stevens | Video: Maldoc analysis with standard Linux tools

LINUX

2019-06-18 | Johannes Ullrich | What You Need To Know About TCP "SACK Panic"
2018-10-26 | Xavier Mertens | Dissecting Malicious Office Documents with Linux
2018-10-17 | Russ McRee | RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2018-08-05 | Didier Stevens | Video: Maldoc analysis with standard Linux tools
2017-10-18 | Renato Marinho | Baselining Servers to Detect Outliers
2017-06-14 | Xavier Mertens | Systemd Could Fallback to Google DNS?
2016-07-27 | Xavier Mertens | Analyze of a Linux botnet client source code
2016-05-18 | Russ McRee | Resources: Windows Auditing & Monitoring, Linux 2FA
2016-05-08 | Jim Clausing | Guest Diary: Linux Capabilities - A friend and foe
2016-03-28 | Xavier Mertens | Improving Bash Forensics Capabilities
2014-11-25 | Adrien de Beaupre | Less is, umm, less?
2014-08-16 | Lenny Zeltser | Web Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability
2014-03-07 | Tom Webb | Linux Memory Dump with Rekall
2013-12-24 | Daniel Wesemann | Unfriendly crontab additions
2013-05-14 | Swa Frantzen | CVE-2013-2094: Linux privilege escalation
2011-08-31 | Johannes Ullrich | Kernel.org Compromise
2011-07-31 | Daniel Wesemann | Anatomy of a Unix breach
2011-06-01 | Johannes Ullrich | Enabling Privacy Enhanced Addresses for IPv6
2011-05-01 | Deborah Hale | Droid MarketPlace Has a New App
2010-09-17 | Robert Danford | Circa 2007 Linux Kernel Vulnerability Resurfaces (Was CVE-2007-4573, Now CVE-2010-3301)
2009-07-17 | Bojan Zdrnja | A new fascinating Linux kernel vulnerability
2008-07-31 | Swa Frantzen | Linus - Linux and Security - follow-up
2008-07-29 | Swa Frantzen | Linus - Linux and Security
2008-06-10 | Swa Frantzen | Linux ASN.1 BER kernel buffer overflow
2008-05-13 | Swa Frantzen | OpenSSH: Predictable PRNG in debian and ubuntu Linux

TOOLS

2019-05-10 | Xavier Mertens | DSSuite - A Docker Container with Didier's Tools
2018-11-11 | Pasquale Stirparo | Community contribution: joining forces or multiply solutions?
2018-10-10 | Xavier Mertens | "OG" Tools Remain Valuable
2018-08-05 | Didier Stevens | Video: Maldoc analysis with standard Linux tools
2018-07-30 | Xavier Mertens | Exploiting the Power of Curl
2017-09-19 | Jim Clausing | New tool: mac-robber.py
2017-01-12 | Mark Baggett | Some tools updates
2017-01-12 | Mark Baggett | System Resource Utilization Monitor
2017-01-07 | Xavier Mertens | Using Security Tools to Compromize a Network
2016-02-06 | Jim Clausing | More updates to kippo-log2db
2015-02-19 | Daniel Wesemann | Macros? Really?!
2015-02-07 | Jim Clausing | Update to kippo-log2db.pl
2014-11-05 | Russ McRee | Tool Tip: vFeed
2014-09-14 | Jim Clausing | SSDEEP update
2014-08-12 | Adrien de Beaupre | Host discovery with nmap
2013-11-19 | Jim Clausing | Updated dumpdns.pl
2013-06-18 | Russ McRee | EMET 4.0 is now available for download
2013-06-05 | Richard Porter | Windows Sysinternals Updated http://technet.microsoft.com/en-us/sysinternals/default.aspx
2013-05-11 | Lenny Zeltser | Extracting Digital Signatures from Signed Malware
2013-02-03 | Lorna Hutcheson | Is it Really an Attack?
2012-05-06 | Jim Clausing | Tool updates and Win 8
2011-08-22 | Jim Clausing | Are your tools ready for IPv6? (part 2)
2011-08-04 | Jim Clausing | Are your tools ready for IPv6? (part 1)
2010-12-30 | Rick Wanner | SamuraiWTF Review over at ISSA Toolsmith
2010-12-09 | Mark Hofman | Having a look at the DDOS tool used in the attacks today
2010-12-05 | Jim Clausing | Updates to a couple of Sysinternals tools
2010-10-20 | Jim Clausing | Tools updates - Oct 2010
2010-10-19 | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - Remote Access Tools
2010-10-19 | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - VPN and Remote Access Tools
2010-08-09 | Jim Clausing | Free/inexpensive tools for monitoring systems/networks
2010-07-13 | Jim Clausing | Forensic challenge results
2010-05-28 | Jim Clausing | Wireshark SMB file extraction plug-in
2010-03-30 | Pedro Bueno | Sharing the Tools
2010-03-30 | Marcus Sachs | Zigbee Analysis Tools
2010-01-19 | Jim Clausing | Forensic challenges
2010-01-06 | Johannes Ullrich | New Tool: IPv6 conversions http://isc.sans.org/tools/ipv6.html
2009-11-26 | Tony Carothers | What Are You Thankful For?
2009-11-25 | Jim Clausing | Tool updates
2009-09-24 | Jim Clausing | A couple more tools
2009-05-25 | Jim Clausing | More tools for (US) Memorial Day
2009-03-01 | Jim Clausing | Cool combination of tools
2008-12-13 | Jim Clausing | Followup from last shift and some research to do.
2008-11-17 | Jim Clausing | How are you coming with that IPv6 migration?
2008-11-13 | Jim Clausing | Some recently updated tools
2008-09-22 | Jim Clausing | More on tools/resources/blogs
2008-09-07 | Lorna Hutcheson | Malware Analysis: Tools are only so good
2008-07-11 | Jim Clausing | Updates to some of our favorite tools