Internet Storm Center
| Date | Author | Title |
|---|---|---|
| 2023-02-12 | Jesse La Grew | PCAP Data Analysis with Zeek |
| 2023-01-02 | Xavier Mertens | NetworkMiner 2.8 Released |
| 2022-11-14 | Jesse La Grew | Extracting 'HTTP CONNECT' Requests with Python |
| 2022-11-02 | Brad Duncan | Who put the "Dark" in DarkVNC? |
| 2021-12-22 | Brad Duncan | December 2021 Forensic Contest: Answers and Analysis |
| 2021-12-08 | Brad Duncan | December 2021 Forensic Challenge |
| 2021-11-04 | Brad Duncan | October 2021 Forensic Contest: Answers and Analysis |
| 2021-10-22 | Brad Duncan | October 2021 Contest: Forensic Challenge |
| 2021-06-30 | Brad Duncan | June 2021 Forensic Contest: Answers and Analysis |
| 2021-06-17 | Daniel Wesemann | Network Forensics on Azure VMs (Part #1) |
| 2021-05-23 | Didier Stevens | Video: Making Sense Of Encrypted Cobalt Strike Traffic |
| 2021-05-19 | Brad Duncan | May 2021 Forensic Contest: Answers and Analysis |
| 2021-05-05 | Brad Duncan | May 2021 Forensic Contest |
| 2021-04-18 | Didier Stevens | Decoding Cobalt Strike Traffic |
| 2021-04-12 | Didier Stevens | Example of Cleartext Cobalt Strike Traffic (Thanks Brad) |
| 2021-04-01 | Brad Duncan | April 2021 Forensic Quiz |
| 2021-03-07 | Didier Stevens | PCAPs and Beacons |
| 2021-01-30 | Guy Bruneau | PacketSifter as Network Parsing and Telemetry Tool |
| 2021-01-05 | Johannes Ullrich | Netfox Detective: An Alternative Open-Source Packet Analysis Tool |
| 2020-12-03 | Brad Duncan | Traffic Analysis Quiz: Mr Natural |
| 2020-11-11 | Brad Duncan | Traffic Analysis Quiz: DESKTOP-FX23IK5 |
| 2020-09-15 | Brad Duncan | Traffic Analysis Quiz: Oh No... Another Infection! |
| 2020-08-05 | Brad Duncan | Traffic Analysis Quiz: What's the Malware From This Infection? |
| 2020-07-15 | Brad Duncan | Word docs with macros for IcedID (Bokbot) |
| 2020-05-20 | Brad Duncan | Microsoft Word document with malicious macro pushes IcedID (Bokbot) |
| 2020-04-08 | Brad Duncan | German malspam pushes ZLoader malware |
| 2020-04-01 | Brad Duncan | Qakbot malspam sent from an infected Windows host |
| 2020-01-05 | Didier Stevens | etl2pcapng: Convert .etl Capture Files To .pcapng Format |
| 2019-12-24 | Brad Duncan | Malspam with links to Word docs pushes IcedID (Bokbot) |
| 2019-12-03 | Brad Duncan | Ursnif infection with Dridex |
| 2019-11-27 | Brad Duncan | Finding an Agent Tesla malware sample |
| 2019-10-29 | Xavier Mertens | Generating PCAP Files from YAML |
| 2019-10-09 | Brad Duncan | What data does Vidar malware steal from an infected host? |
| 2019-10-03 | Jim Clausing | Buffer overflows found in libpcap and tcpdump |
| 2019-05-22 | Johannes Ullrich | An Update on the Microsoft Windows RDP "Bluekeep" Vulnerability (CVE-2019-0708) [now with pcaps] |
| 2019-03-18 | Didier Stevens | Wireshark 3.0.0 and Npcap: Some Remarks |
| 2019-03-11 | Didier Stevens | Wireshark 3.0.0 and Npcap |
| 2018-11-18 | Guy Bruneau | Multipurpose PCAP Analysis Tool |
| 2018-08-15 | Xavier Mertens | Truncating Payloads and Anonymizing PCAP files |
| 2018-06-06 | Xavier Mertens | Converting PCAP Web Traffic to Apache Log |
| 2018-01-18 | Xavier Mertens | Comment your Packet Captures! |
| 2017-09-28 | Xavier Mertens | The easy way to analyze huge amounts of PCAP data |
| 2017-05-26 | Lorna Hutcheson | File2pcap - A new tool for your toolkit! |
| 2017-01-28 | Lorna Hutcheson | Packet Analysis - Where do you start? |
| 2014-06-04 | Richard Porter | p0f, Got Packets? |
| 2013-12-01 | Richard Porter | BPF, PCAP, Binary, hex, why they matter? |
| 2013-06-05 | Richard Porter | Wireshark 1.10.0 Stable Released http://www.wireshark.org/download.html |
| 2011-10-23 | Guy Bruneau | tcpdump and IPv6 |
| 2010-07-04 | Manuel Humberto Santander Pelaez | New Winpcap Version |
| 2010-03-27 | Guy Bruneau | Create a Summary of IP Addresses from PCAP Files using Unix Tools |
| 2009-11-25 | Jim Clausing | Updates to my GREM Gold scripts and a new script |
| 2009-08-13 | Jim Clausing | Tools for extracting files from pcaps |
| 2009-06-28 | Guy Bruneau | IP Address Range Search with libpcap |