Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Diaries by Keyword - SANS Internet Storm Center Diaries by Keyword


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title

REPUTATION FILTERING INTRUSION PREVENTION PENETRATION TEST PENTEST

2010-02-22Rob VandenBrinkNew Risks in Penetration Testing

REPUTATION

2017-03-04/a>Xavier MertensHow your pictures may affect your website reputation
2015-06-02/a>Alex StanfordGuest Diary: Xavier Mertens - Playing with IP Reputation with Dshield & OSSEC
2010-02-22/a>Rob VandenBrinkNew Risks in Penetration Testing

FILTERING

2010-02-22/a>Rob VandenBrinkNew Risks in Penetration Testing

INTRUSION

2016-08-29/a>Russ McReeRecommended Reading: Intrusion Detection Using Indicators of Compromise Based on Best Practices and Windows Event Logs
2013-12-16/a>Tom WebbThe case of Minerd
2013-08-19/a>Johannes UllrichRunning Snort on ESXi using the Distributed Switch
2012-09-02/a>Lorna HutchesonDemonstrating the value of your Intrusion Detection Program and Analysts
2010-02-22/a>Rob VandenBrinkNew Risks in Penetration Testing

PREVENTION

2010-09-26/a>Daniel WesemannEgosurfing, the corporate way
2010-02-22/a>Rob VandenBrinkNew Risks in Penetration Testing
2009-04-24/a>John BambenekData Leak Prevention: Proactive Security Requirements of Breach Notification Laws

PENETRATION

2016-09-04/a>Russ McReeKali Linux 2016.2 Release: https://www.kali.org/news/kali-linux-20162-release/
2014-08-09/a>Adrien de BeaupreComplete application ownage via Multi-POST XSRF
2011-10-26/a>Rick WannerCritical Control 17:Penetration Tests and Red Team Exercises
2010-08-23/a>Manuel Humberto Santander PelaezFirefox plugins to perform penetration testing activities
2010-08-16/a>Raul SilesBlind Elephant: A New Web Application Fingerprinting Tool
2010-06-06/a>Manuel Humberto Santander PelaezNice OS X exploit tutorial
2010-04-13/a>Adrien de BeaupreWeb App Testing Tools
2010-02-22/a>Rob VandenBrinkNew Risks in Penetration Testing
2009-07-27/a>Raul SilesNew Hacker Challenge: Prison Break - Breaking, Entering & Decoding
2009-04-21/a>Bojan ZdrnjaWeb application vulnerabilities
2008-09-20/a>Rick WannerNew (to me) nmap Features

TEST

2018-12-16/a>Guy BruneauRandom Port Scan for Open RDP Backdoor
2018-07-02/a>Guy BruneauHello Peppa! - PHP Scans
2018-01-28/a>Didier StevensIs this a pentest?
2017-09-06/a>Adrien de BeaupreModern Web Application Penetration Testing , Hash Length Extension Attacks
2017-05-13/a>Guy BruneauHas anyone Tested WannaCry Killswitch? - https://blog.didierstevens.com/2017/05/13/quickpost-wcry-killswitch-check-is-not-proxy-aware/
2017-05-05/a>Xavier MertensHTTP Headers... the Achilles' heel of many applications
2016-11-02/a>Rob VandenBrinkWhat Does a Pentest Look Like?
2016-09-28/a>Xavier MertensSNMP Pwn3ge
2016-09-04/a>Russ McReeKali Linux 2016.2 Release: https://www.kali.org/news/kali-linux-20162-release/
2016-01-20/a>Xavier Mertens/tmp, %TEMP%, ~/Desktop, T:\, ... A goldmine for pentesters!
2015-11-09/a>John BambenekICYMI: Widespread Unserialize Vulnerability in Java
2015-10-27/a>Xavier MertensThe "Yes, but..." syndrome
2014-08-12/a>Adrien de BeaupreHost discovery with nmap
2014-08-09/a>Adrien de BeaupreComplete application ownage via Multi-POST XSRF
2014-04-03/a>Bojan ZdrnjaWatching the watchers
2013-08-21/a>Rob VandenBrinkFibre Channel Reconnaissance - Reloaded
2012-03-09/a>Guy BruneauNmap 5.61TEST5 released with 43 new scripts,improved OS & version detection, and more available for download - http://nmap.org/download.html
2011-10-26/a>Rick WannerCritical Control 17:Penetration Tests and Red Team Exercises
2011-08-26/a>Daniel WesemannUser Agent 007
2011-01-24/a>Rob VandenBrinkWhere have all the COM Ports Gone? - How enumerating COM ports led to me finding a “misplaced” Microsoft tool
2010-11-19/a>Jason LamExchanging and sharing of assessment results
2010-08-23/a>Manuel Humberto Santander PelaezFirefox plugins to perform penetration testing activities
2010-08-16/a>Raul SilesBlind Elephant: A New Web Application Fingerprinting Tool
2010-06-06/a>Manuel Humberto Santander PelaezNice OS X exploit tutorial
2010-05-22/a>Rick WannerSANS 2010 Digital Forensics Summit - APT Based Forensic Challenge
2010-04-13/a>Adrien de BeaupreWeb App Testing Tools
2010-02-22/a>Rob VandenBrinkNew Risks in Penetration Testing
2009-11-25/a>Jim ClausingUpdates to my GREM Gold scripts and a new script
2009-07-27/a>Raul SilesNew Hacker Challenge: Prison Break - Breaking, Entering & Decoding
2009-05-31/a>Tony CarothersL0phtcrack is Back!
2009-04-21/a>Bojan ZdrnjaWeb application vulnerabilities
2008-11-17/a>Jim ClausingA new cheat sheet and a contest
2008-09-20/a>Rick WannerNew (to me) nmap Features

PENTEST

2018-01-28/a>Didier StevensIs this a pentest?
2017-09-06/a>Adrien de BeaupreModern Web Application Penetration Testing , Hash Length Extension Attacks
2017-05-05/a>Xavier MertensHTTP Headers... the Achilles' heel of many applications
2016-11-02/a>Rob VandenBrinkWhat Does a Pentest Look Like?
2016-09-28/a>Xavier MertensSNMP Pwn3ge
2016-01-20/a>Xavier Mertens/tmp, %TEMP%, ~/Desktop, T:\, ... A goldmine for pentesters!
2015-11-09/a>John BambenekICYMI: Widespread Unserialize Vulnerability in Java
2015-10-27/a>Xavier MertensThe "Yes, but..." syndrome
2014-08-12/a>Adrien de BeaupreHost discovery with nmap
2013-08-21/a>Rob VandenBrinkFibre Channel Reconnaissance - Reloaded
2011-08-26/a>Daniel WesemannUser Agent 007
2010-11-19/a>Jason LamExchanging and sharing of assessment results
2010-06-06/a>Manuel Humberto Santander PelaezNice OS X exploit tutorial
2010-02-22/a>Rob VandenBrinkNew Risks in Penetration Testing
2009-05-31/a>Tony CarothersL0phtcrack is Back!