PAC FILE |
| 2016-08-24 | Xavier Mertens | Example of Targeted Attack Through a Proxy PAC File |
PAC |
| 2020-05-31/a> | Guy Bruneau | Windows 10 Built-in Packet Sniffer - PktMon |
| 2019-06-20/a> | Xavier Mertens | Using a Travel Packing App for Infosec Purpose |
| 2019-05-19/a> | Guy Bruneau | Is Metadata Only Approach, Good Enough for Network Traffic Analysis? |
| 2019-02-24/a> | Guy Bruneau | Packet Editor and Builder by Colasoft |
| 2018-06-06/a> | Xavier Mertens | Converting PCAP Web Traffic to Apache Log |
| 2018-02-20/a> | Renato Marinho | Statically Unpacking a Brazilian Banker Malware |
| 2017-09-29/a> | Lorna Hutcheson | Good Analysis = Understanding(tools + logs + normal) |
| 2017-09-17/a> | Guy Bruneau | rockNSM as a Incident Response Package |
| 2017-04-28/a> | Russell Eubanks | KNOW before NO |
| 2017-04-13/a> | Rob VandenBrink | Packet Captures Filtered by Process |
| 2017-03-25/a> | Russell Eubanks | Distraction as a Service |
| 2017-03-11/a> | Russell Eubanks | What's On Your Not To Do List? |
| 2017-03-03/a> | Lorna Hutcheson | BitTorrent or Something Else? |
| 2017-01-28/a> | Lorna Hutcheson | Packet Analysis - Where do you start? |
| 2016-12-27/a> | Guy Bruneau | Using daemonlogger as a Software Tap |
| 2016-11-05/a> | Xavier Mertens | Full Packet Capture for Dummies |
| 2016-08-24/a> | Xavier Mertens | Example of Targeted Attack Through a Proxy PAC File |
| 2016-07-05/a> | Johannes Ullrich | Apache Update: TLS Certificate Authentication Bypass with HTTP/2 (CVE-2016-4979) |
| 2016-06-15/a> | Richard Porter | Warp Speed Ahead, L7 Open Source Packet Generator: Warp17 |
| 2015-10-12/a> | Guy Bruneau | Critical Vulnerability in Multiple Cisco Products - Apache Struts 2 Command Execution http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131023-struts2 |
| 2014-09-19/a> | Guy Bruneau | Web Scan looking for /info/whitelist.pac |
| 2014-08-17/a> | Rick Wanner | Part 2: Is your home network unwittingly contributing to NTP DDOS attacks? |
| 2014-07-28/a> | Johannes Ullrich | Interesting HTTP User Agent "chroot-apach0day" |
| 2014-07-05/a> | Guy Bruneau | Malware Analysis with pedump |
| 2014-06-04/a> | Richard Porter | p0f, Got Packets? |
| 2014-04-12/a> | Guy Bruneau | Critical Security Update for JetPack WordPress Plugin. Bug has existed since Jetpack 1.9, released in October 2012. - http://jetpack.me/2014/04/10/jetpack-security-update/ |
| 2014-03-18/a> | Mark Hofman | Call for packets dest 5000 or source 6000 |
| 2014-03-17/a> | Jim Clausing | New Apache web server release |
| 2014-03-13/a> | Daniel Wesemann | Web server logs containing RS=^ ? |
| 2014-02-04/a> | Johannes Ullrich | Odd ICMP Echo Request Payload |
| 2014-01-31/a> | Chris Mohan | Looking for packets from three particular subnets |
| 2013-12-01/a> | Richard Porter | BPF, PCAP, Binary, hex, why they matter? |
| 2013-11-27/a> | Rob VandenBrink | Apache 2.4.7 is released 11/25. Download: http://httpd.apache.org/download.cgi#apache24 and Readme: http://apache.mirror.iweb.ca//httpd/CHANGES_2.4.7 |
| 2013-11-13/a> | Johannes Ullrich | Packet Challenge for the Hivemind: What's happening with this Ethernet header? |
| 2013-06-05/a> | Richard Porter | Wireshark 1.10.0 Stable Released http://www.wireshark.org/download.html |
| 2013-05-19/a> | Kevin Shortt | Port 51616 - Got Packets? |
| 2013-04-30/a> | Russ McRee | Apache binary backdoor adds malicious redirect to Blackhole |
| 2013-04-13/a> | Johannes Ullrich | Protocol 61: Anybody got packets? |
| 2013-03-19/a> | Johannes Ullrich | Windows 7 SP1 and Windows Server 2008 R2 SP1 Being "pushed" today |
| 2012-12-22/a> | Guy Bruneau | New Poll - Which of the following issues impacted the most your business in 2012? - https://isc.sans.edu/poll.html |
| 2012-09-13/a> | Mark Baggett | TCP Fuzzing with Scapy |
| 2012-05-23/a> | Mark Baggett | IP Fragmentation Attacks |
| 2012-05-14/a> | Mark Hofman | Got packets? Interested in TCP/8909, TCP/6666, TCP/9415, TCP/27977 and UDP/7 |
| 2012-02-22/a> | Johannes Ullrich | Apache 2.4 Features |
| 2012-02-07/a> | Jim Clausing | Book Review: Practical Packet Analysis, 2nd ed |
| 2011-10-06/a> | Rob VandenBrink | Apache HTTP Server mod_proxy reverse proxy issue |
| 2011-08-30/a> | Johannes Ullrich | A Packet Challenge: Help us identify this traffic |
| 2011-08-30/a> | Johannes Ullrich | Apache patch out for "byte range" DoS vulnerability http://www.apache.org/dist/httpd/Announcement2.2.html |
| 2011-08-25/a> | Kevin Shortt | Revival of an Unpatched Apache HTTPD DoS |
| 2011-03-07/a> | Lorna Hutcheson | Call for Packets - Unassigned TCP Options |
| 2011-02-24/a> | Johannes Ullrich | Windows 7 / 2008 R2 Service Pack 1 Problems |
| 2011-02-23/a> | Johannes Ullrich | Windows 7 Service Pack 1 out |
| 2011-01-25/a> | Johannes Ullrich | Packet Tricks with xxd |
| 2011-01-15/a> | Jim Clausing | What's up with port 8881? |
| 2010-09-28/a> | Daniel Wesemann | Strange packet: "daylight rekick", anyone? |
| 2010-09-16/a> | Johannes Ullrich | A Packet a Day |
| 2010-08-22/a> | Manuel Humberto Santander Pelaez | SCADA: A big challenge for information security professionals |
| 2010-04-13/a> | Johannes Ullrich | Apache.org Bugtracker Breach |
| 2010-03-07/a> | Mari Nichols | Apache releases version 2.2.15 with 5 security fixes including OpenSSL issue. |
| 2010-02-16/a> | Johannes Ullrich | Teredo "stray packet" analysis |
| 2010-01-25/a> | William Salusky | "Bots and Spiders and Crawlers, be gone!" - or - "New Open Source WebAppSec tools, Huzzah!" |
| 2009-11-18/a> | Rob VandenBrink | Using a Cisco Router as a “Remote Collector” for tcpdump or Wireshark |
| 2009-11-03/a> | Bojan Zdrnja | Opachki, from (and to) Russia with love |
| 2009-10-14/a> | Johannes Ullrich | Odd Apache/MSIE issue with downloads from ISC |
| 2009-08-28/a> | Adrien de Beaupre | apache.org compromised |
| 2009-06-23/a> | Bojan Zdrnja | Slowloris and Iranian DDoS attacks |
| 2009-06-21/a> | Bojan Zdrnja | Apache HTTP DoS tool mitigation |
| 2009-06-18/a> | Bojan Zdrnja | Apache HTTP DoS tool released |
| 2009-05-07/a> | Jim Clausing | A packet challenge and how I solved it |
| 2009-05-01/a> | Adrien de Beaupre | Odd packets |
| 2009-04-07/a> | Johannes Ullrich | Common Apache Misconception |
| 2009-01-12/a> | William Salusky | Web Application Firewalls (WAF) - Have you deployed WAF technology? |
| 2009-01-03/a> | Rick Wanner | RAID != Backup |
| 2008-11-17/a> | Jim Clausing | A new cheat sheet and a contest |
| 2008-10-09/a> | Bojan Zdrnja | Watch that .htaccess file on your web site |
| 2008-09-22/a> | Jim Clausing | More on tools/resources/blogs |
| 2008-07-15/a> | Maarten Van Horenbeeck | BlackBerry PDF parsing vulnerability |
| 2008-06-07/a> | Jim Clausing | What's going on with these ports? Got packets? |
| 2008-05-26/a> | Marcus Sachs | Port 1533 on the Rise |
| 2008-04-27/a> | Marcus Sachs | What's With Port 20329? |
| 2008-04-25/a> | Joel Esler | Some packets perhaps? |
| 2008-04-22/a> | donald smith | Maximus root kit downloads via MySpace social engineering trick. |
| 2008-04-16/a> | William Stearns | Passer, a aassive machine and service sniffer |
| 2008-03-23/a> | Johannes Ullrich | Finding hidden gems (easter eggs) in your logs (packet challenge!) |
| 2006-10-17/a> | Arrigo Triulzi | Hacking Tor, the anonymity onion routing network |
FILE |
| 2020-06-12/a> | Xavier Mertens | Malicious Excel Delivering Fileless Payload |
| 2020-05-22/a> | Didier Stevens | Some Strings to Remember |
| 2020-05-04/a> | Didier Stevens | Sysmon and File Deletion |
| 2020-03-21/a> | Guy Bruneau | Honeypot - Scanning and Targeting Devices & Services |
| 2019-10-03/a> | Xavier Mertens | "Lost_Files" Ransomware |
| 2019-08-04/a> | Didier Stevens | Detecting ZLIB Compression |
| 2019-02-19/a> | Didier Stevens | Identifying Files: Failure Happens |
| 2018-11-05/a> | Johannes Ullrich | Struts 2.3 Vulnerable to Two Year old File Upload Flaw |
| 2017-11-29/a> | Xavier Mertens | Fileless Malicious PowerShell Sample |
| 2017-10-30/a> | Didier Stevens | PE files and debug info |
| 2017-10-24/a> | Xavier Mertens | Stop relying on file extensions |
| 2017-07-19/a> | Xavier Mertens | Bots Searching for Keys & Config Files |
| 2017-07-02/a> | Didier Stevens | PE Section Name Descriptions |
| 2017-05-26/a> | Lorna Hutcheson | File2pcap - A new tool for your toolkit! |
| 2016-08-24/a> | Xavier Mertens | Example of Targeted Attack Through a Proxy PAC File |
| 2016-05-21/a> | Didier Stevens | Python Malware - Part 2 |
| 2016-03-30/a> | Xavier Mertens | What to watch with your FIM? |
| 2016-01-20/a> | Xavier Mertens | /tmp, %TEMP%, ~/Desktop, T:\, ... A goldmine for pentesters! |
| 2015-07-12/a> | Didier Stevens | Jump List Files Are OLE Files |
| 2014-03-17/a> | Johannes Ullrich | Scans for FCKEditor File Manager |
| 2014-02-28/a> | Daniel Wesemann | Oversharing |
| 2014-01-11/a> | Guy Bruneau | tcpflow 1.4.4 and some of its most Interesting Features |
| 2013-08-26/a> | Alex Stanford | Stop, Drop and File Carve |
| 2013-08-21/a> | Alex Stanford | Psst. Your Browser Knows All Your Secrets. |
| 2011-11-28/a> | Tom Liston | A Puzzlement... |
| 2011-08-15/a> | Mark Hofman | How to find unwanted files on workstations |
| 2009-12-28/a> | Johannes Ullrich | 8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug) |
| 2009-08-13/a> | Jim Clausing | Tools for extracting files from pcaps |
| 2009-06-27/a> | Tony Carothers | New NIAP Strategy on the Horizon |
| 2009-05-27/a> | donald smith | Host file black lists |
| 2009-05-25/a> | Jim Clausing | More tools for (US) Memorial Day |
| 2008-03-13/a> | Jason Lam | Remote File Include spoof!? |
