Date | Author | Title

NSE SCRIPT

2024-05-22 | Rob VandenBrink | NMAP Scanning without Scanning (Part 2) - The ipinfo API

NSE

2024-05-22 | Rob VandenBrink | NMAP Scanning without Scanning (Part 2) - The ipinfo API
2023-10-03 | Tom Webb | Are Local LLMs Useful in Incident Response?
2023-06-30 | Yee Ching Tok | DShield pfSense Client Update
2023-04-27 | Johannes Ullrich | SANS.edu Research Journal: Volume 3
2023-03-07 | Johannes Ullrich | Hackers Love This VSCode Extension: What You Can Do to Stay Safe
2023-02-01 | Jesse La Grew | Rotating Packet Captures with pfSense
2023-01-31 | Jesse La Grew | DShield Honeypot Setup with pfSense
2023-01-26 | Tom Webb | Live Linux IR with UAC
2022-06-15 | Johannes Ullrich | Terraforming Honeypots. Installing DShield Sensors in the Cloud
2022-06-02 | Johannes Ullrich | Quick Answers in Incident Response: RECmd.exe
2021-12-06 | Xavier Mertens | The Importance of Out-of-Band Networks
2021-02-15 | Johannes Ullrich | Securing and Optimizing Networks: Using pfSense Traffic Shaper Limiters to Combat Bufferbloat
2021-01-25 | Rob VandenBrink | Fun with NMAP NSE Scripts and DOH (DNS over HTTPS)
2020-09-17 | Xavier Mertens | Suspicious Endpoint Containment with OSSEC
2020-07-23 | Xavier Mertens | Simple Blocklisting with MISP & pfSense
2020-05-08 | Xavier Mertens | Using Nmap As a Lightweight Vulnerability Scanner
2020-05-07 | Bojan Zdrnja | Scanning with nmap's NSE scripts
2020-02-16 | Guy Bruneau | SOAR or not to SOAR?
2019-08-25 | Guy Bruneau | Are there any Advantages of Buying Cyber Security Insurance?
2018-12-19 | Xavier Mertens | Using OSSEC Active-Response as a DFIR Framework
2017-12-05 | Tom Webb | IR using the Hive Project.
2017-09-17 | Guy Bruneau | rockNSM as a Incident Response Package
2017-06-17 | Guy Bruneau | Mapping Use Cases to Logs. Which Logs are the Most Important to Collect?
2017-01-05 | John Bambenek | New Year's Resolution: Build Your Own Malware Lab?
2016-08-24 | Tom Webb | Stay on Track During IR
2016-02-11 | Tom Webb | Tomcat IR with XOR.DDoS
2015-11-09 | John Bambenek | ICYMI: Widespread Unserialize Vulnerability in Java
2015-03-07 | Guy Bruneau | Should it be Mandatory to have an Independent Security Audit after a Breach?
2014-12-24 | Rick Wanner | Incident Response at Sony
2014-12-01 | Guy Bruneau | Do you have a Data Breach Response Plan?
2014-04-04 | Rob VandenBrink | Dealing with Disaster - A Short Malware Incident Response
2014-01-23 | Chris Mohan | Learning from the breaches that happens to others Part 2
2014-01-22 | Chris Mohan | Learning from the breaches that happens to others
2013-11-22 | Rick Wanner | Port 0 DDOS
2013-10-05 | Richard Porter | Adobe Breach Notification, Notifications?
2013-07-12 | Johannes Ullrich | Microsoft Teredo Server "Sunset"
2013-03-18 | Kevin Shortt | Cisco IOS Type 4 Password Issue: http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20130318-type4
2013-03-02 | Scott Fendley | Evernote Security Issue
2012-11-16 | Manuel Humberto Santander Pelaez | Information Security Incidents are now a concern for colombian government
2012-04-23 | Russ McRee | Emergency Operations Centers & Security Incident Management: A Correlation
2011-10-28 | Russ McRee | Critical Control 19: Data Recovery Capability
2011-10-27 | Mark Baggett | Critical Control 18: Incident Response Capabilities
2011-07-25 | Chris Mohan | Monday morning incident handler practice
2011-07-09 | Chris Mohan | Safer Windows Incident Response
2011-05-14 | Guy Bruneau | Websense Study Claims Canada Next Hotbed for Cybercrime Web Hosting Activity
2011-04-25 | Rob VandenBrink | Sony PlayStation Network Outage - Day 5
2011-04-01 | John Bambenek | LizaMoon Mass SQL-Injection Attack Infected at least 500k Websites
2011-03-25 | Kevin Liston | APT Tabletop Exercise
2010-10-18 | Manuel Humberto Santander Pelaez | Cyber Security Awareness Month - Day 18 - What you should tell your boss when there's a crisis
2010-09-04 | Kevin Liston | Investigating Malicious Website Reports
2010-07-24 | Manuel Humberto Santander Pelaez | Transmiting logon information unsecured in the network
2010-05-07 | Rob VandenBrink | Security Awareness – Many Audiences, Many Messages (Part 2)
2010-03-25 | Kevin Liston | Responding to "Copyright Lawsuit filed against you"
2010-03-21 | Chris Carboni | Responding To The Unexpected
2010-01-22 | Mari Nichols | Pass-down for a Successful Incident Response
2010-01-08 | Rob VandenBrink | Microsoft OfficeOnline, Searching for Trust and Malware
2009-06-11 | Rick Wanner | MIR-ROR Motile Incident Response - Respond Objectively Remediate
2009-05-01 | Adrien de Beaupre | Incident Management
2009-04-16 | Adrien de Beaupre | Incident Response vs. Incident Handling
2009-04-02 | Bojan Zdrnja | JavaScript insertion and log deletion attack tools
2009-03-24 | G. N. White | CanSecWest Pwn2Own: Would IE8 have been exploitable had the event waited one more day?
2009-03-19 | Mark Hofman | Browsers Tumble at CanSecWest

SCRIPT

2024-08-26 | Xavier Mertens | From Highly Obfuscated Batch File to XWorm and Redline
2024-05-22 | Rob VandenBrink | NMAP Scanning without Scanning (Part 2) - The ipinfo API
2024-03-28 | Xavier Mertens | From JavaScript to AsyncRAT
2024-02-21 | Jan Kopriva | Phishing pages hosted on archive.org
2024-01-12 | Xavier Mertens | One File, Two Payloads
2023-11-17 | Jan Kopriva | Phishing page with trivial anti-analysis features
2023-08-23 | Xavier Mertens | More Exotic Excel Files Dropping AgentTesla
2023-05-20 | Xavier Mertens | Phishing Kit Collecting Victim's IP Address
2022-11-04 | Xavier Mertens | Remcos Downloader with Unicode Obfuscation
2022-08-11 | Xavier Mertens | InfoStealer Script Based on Curl and NSudo
2022-06-16 | Xavier Mertens | Houdini is Back Delivered Through a JavaScript Dropper
2022-06-01 | Jan Kopriva | HTML phishing attachments - now with anti-analysis features
2022-05-09 | Xavier Mertens | Octopus Backdoor is Back with a New Embedded Obfuscated Bat File
2022-01-18 | Jan Kopriva | Phishing e-mail with...an advertisement?
2022-01-04 | Xavier Mertens | A Simple Batch File That Blocks People
2021-11-18 | Xavier Mertens | JavaScript Downloader Delivers Agent Tesla Trojan
2021-10-21 | Brad Duncan | "Stolen Images Evidence" campaign pushes Sliver-based malware
2021-09-17 | Xavier Mertens | Malicious Calendar Subscriptions Are Back?
2021-05-28 | Xavier Mertens | Malicious PowerShell Hosted on script.google.com
2021-05-22 | Xavier Mertens | "Serverless" Phishing Campaign
2021-05-18 | Xavier Mertens | From RunDLL32 to JavaScript then PowerShell
2021-04-28 | Xavier Mertens | Deeper Analyzis of my Last Malicious PowerPoint Add-On
2021-03-19 | Xavier Mertens | Pastebin.com Used As a Simple C2 Channel
2020-11-13 | Xavier Mertens | Old Worm But New Obfuscation Technique
2020-11-09 | Xavier Mertens | How Attackers Brush Up Their Malicious Scripts
2020-07-24 | Xavier Mertens | Compromized Desktop Applications by Web Technologies
2020-06-11 | Xavier Mertens | Anti-Debugging JavaScript Techniques
2020-06-08 | Didier Stevens | Translating BASE64 Obfuscated Scripts
2020-05-08 | Xavier Mertens | Using Nmap As a Lightweight Vulnerability Scanner
2020-03-27 | Xavier Mertens | Malicious JavaScript Dropping Payload in the Registry
2020-02-22 | Xavier Mertens | Simple but Efficient VBScript Obfuscation
2020-02-07 | Xavier Mertens | Sandbox Detection Tricks & Nice Obfuscation in a Single VBScript
2019-09-26 | Rob VandenBrink | Mining MAC Address and OUI Information
2019-08-30 | Xavier Mertens | Malware Dropping a Local Node.js Instance
2019-08-22 | Xavier Mertens | Simple Mimikatz & RDPWrapper Dropper
2019-08-09 | Xavier Mertens | 100% JavaScript Phishing Page
2019-06-10 | Xavier Mertens | Interesting JavaScript Obfuscation Example
2019-02-21 | Xavier Mertens | Simple Powershell Keyloggers are Back
2019-02-07 | Xavier Mertens | Phishing Kit with JavaScript Keylogger
2018-07-13 | Xavier Mertens | Cryptominer Delivered Though Compromized JavaScript File
2018-06-19 | Xavier Mertens | PowerShell: ScriptBlock Logging... Or Not?
2018-06-18 | Xavier Mertens | Malicious JavaScript Targeting Mobile Browsers
2018-05-01 | Xavier Mertens | Diving into a Simple Maldoc Generator
2017-07-08 | Xavier Mertens | A VBScript with Obfuscated Base64 Data
2017-06-22 | Xavier Mertens | Obfuscating without XOR
2017-03-24 | Xavier Mertens | Nicely Obfuscated JavaScript Sample
2017-03-04 | Xavier Mertens | How your pictures may affect your website reputation
2017-02-12 | Xavier Mertens | Analysis of a Suspicious Piece of JavaScript
2017-02-02 | Rick Wanner | Multiple vulnerabilities discovered in popular printer models
2016-12-13 | Xavier Mertens | UAC Bypass in JScript Dropper
2016-08-28 | Guy Bruneau | Spam with Obfuscated Javascript
2016-06-18 | Rob VandenBrink | Controlling JavaScript Malware Before it Runs
2016-02-20 | Didier Stevens | Locky: JavaScript Deobfuscation
2016-02-07 | Xavier Mertens | More Malicious JavaScript Obfuscation
2016-01-15 | Xavier Mertens | JavaScript Deobfuscation Tool
2015-08-07 | Tony Carothers | Critical Firefox Update Today
2015-03-12 | Johannes Ullrich | Who got the bad SSL Certificate? Using tshark to analyze the SSL handshake.
2014-08-29 | Johannes Ullrich | False Positive or Not? Difficult to Analyze Javascript
2014-08-12 | Adrien de Beaupre | Host discovery with nmap
2014-07-02 | Johannes Ullrich | Simple Javascript Extortion Scheme Advertised via Bing
2014-01-17 | Russ McRee | Massive RFI scans likely a free web app vuln scanner rather than bots
2013-11-04 | Manuel Humberto Santander Pelaez | When attackers use your DNS to check for the sites you are visiting
2013-08-07 | Johannes Ullrich | Firefox 23 and Mixed Active Content
2013-07-20 | Manuel Humberto Santander Pelaez | Do you have rogue Internet gateways in your network? Check it with nmap
2013-07-01 | Manuel Humberto Santander Pelaez | Using nmap scripts to enhance vulnerability asessment results
2013-04-23 | Russ McRee | Microsoft's Security Intelligence Report (SIRv14) released
2013-02-11 | John Bambenek | Is This Chinese Registrar Really Trying to XSS Me?
2013-02-08 | Kevin Shortt | Is it Spam or Is it Malware?
2013-02-04 | Russ McRee | An expose of a recent SANS GIAC XSS vulnerability
2013-01-30 | Richard Porter | Getting Involved with the Local Community
2013-01-25 | Johannes Ullrich | Vulnerability Scans via Search Engines (Request for Logs)
2012-08-16 | Johannes Ullrich | A Poor Man's DNS Anomaly Detection Script
2012-06-25 | Guy Bruneau | Using JSDetox to Analyze and Deobfuscate Javascript
2012-05-22 | Johannes Ullrich | nmap 6 released
2012-04-25 | Daniel Wesemann | Blacole's obfuscated JavaScript
2012-01-22 | Johannes Ullrich | Javascript DDoS Tool Analysis
2012-01-12 | Rob VandenBrink | Stuff I Learned Scripting - Fun with STDERR
2012-01-03 | Bojan Zdrnja | The tale of obfuscated JavaScript continues
2011-12-07 | Lenny Zeltser | V8 as an Alternative to SpiderMonkey for JavaScript Deobfuscation
2011-11-10 | Rob VandenBrink | Stuff I Learned Scripting - - Parsing XML in a One-Liner
2011-11-07 | Rob VandenBrink | Stuff I Learned Scripting - Evaluating a Remote SSL Certificate
2011-08-24 | Rob VandenBrink | Citrix Access Gateway Cross Site Scripting vulnerability and fix ==> http://support.citrix.com/article/CTX129971
2011-06-06 | Manuel Humberto Santander Pelaez | Phishing: Same goal, same techniques and people still falling for such scams
2011-04-23 | Manuel Humberto Santander Pelaez | Image search can lead to malware download
2011-01-24 | Rob VandenBrink | Where have all the COM Ports Gone? - How enumerating COM ports led to me finding a “misplaced” Microsoft tool
2010-12-02 | Kevin Johnson | Robert Hansen and our happiness
2010-07-29 | Rob VandenBrink | NoScript 2.0 released
2010-07-04 | Manuel Humberto Santander Pelaez | Malware inside PDF Files
2010-03-05 | Kyle Haugsness | Javascript obfuscators used in the wild
2009-05-04 | Tom Liston | Adobe Reader/Acrobat Critical Vulnerability
2009-04-07 | Bojan Zdrnja | Advanced JavaScript obfuscation (or why signature scanning is a failure)
2009-04-02 | Bojan Zdrnja | JavaScript insertion and log deletion attack tools
2009-02-25 | Andre Ludwig | Adobe Acrobat pdf 0-day exploit, No JavaScript needed!
2008-07-14 | Daniel Wesemann | Obfuscated JavaScript Redux
2008-06-30 | Marcus Sachs | More SQL Injection with Fast Flux hosting
2008-05-20 | Raul Siles | List of malicious domains inserted through SQL injection
2008-04-29 | Bojan Zdrnja | Scripts in ASF files
2008-04-06 | Daniel Wesemann | Advanced obfuscated JavaScript analysis
2008-04-03 | Bojan Zdrnja | Mixed (VBScript and JavaScript) obfuscation