Diaries by Keyword - SANS Internet Storm Center

Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/

Handler on Duty: Didier Stevens

Threat Level: green

Date	Author	Title
2023-09-29	Xavier Mertens	Are You Still Storing Passwords In Plain Text Files?
2020-08-10	Bojan Zdrnja	Scoping web application and web service penetration tests
2020-06-05	Johannes Ullrich	Cyber Security for Protests
2019-11-29	Russ McRee	ISC Snapshot: Search with SauronEye
2019-10-22	Bojan Zdrnja	Testing TLSv1.3 and supported ciphers
2019-07-23	Bojan Zdrnja	Verifying SSL/TLS configuration (part 1)
2019-04-26	Rob VandenBrink	Pillaging Passwords from Service Accounts
2018-12-16	Guy Bruneau	Random Port Scan for Open RDP Backdoor
2018-07-02	Guy Bruneau	Hello Peppa! - PHP Scans
2018-01-28	Didier Stevens	Is this a pentest?
2017-09-06	Adrien de Beaupre	Modern Web Application Penetration Testing , Hash Length Extension Attacks
2017-05-13	Guy Bruneau	Has anyone Tested WannaCry Killswitch? - https://blog.didierstevens.com/2017/05/13/quickpost-wcry-killswitch-check-is-not-proxy-aware/
2017-05-05	Xavier Mertens	HTTP Headers... the Achilles' heel of many applications
2016-11-02	Rob VandenBrink	What Does a Pentest Look Like?
2016-09-28	Xavier Mertens	SNMP Pwn3ge
2016-09-04	Russ McRee	Kali Linux 2016.2 Release: https://www.kali.org/news/kali-linux-20162-release/
2016-01-20	Xavier Mertens	/tmp, %TEMP%, ~/Desktop, T:\, ... A goldmine for pentesters!
2015-11-09	John Bambenek	ICYMI: Widespread Unserialize Vulnerability in Java
2015-10-27	Xavier Mertens	The "Yes, but..." syndrome
2014-08-12	Adrien de Beaupre	Host discovery with nmap
2014-08-09	Adrien de Beaupre	Complete application ownage via Multi-POST XSRF
2014-04-03	Bojan Zdrnja	Watching the watchers
2013-08-21	Rob VandenBrink	Fibre Channel Reconnaissance - Reloaded
2012-03-09	Guy Bruneau	Nmap 5.61TEST5 released with 43 new scripts,improved OS & version detection, and more available for download - http://nmap.org/download.html
2011-10-26	Rick Wanner	Critical Control 17:Penetration Tests and Red Team Exercises
2011-08-26	Daniel Wesemann	User Agent 007
2011-01-24	Rob VandenBrink	Where have all the COM Ports Gone? - How enumerating COM ports led to me finding a “misplaced” Microsoft tool
2010-11-19	Jason Lam	Exchanging and sharing of assessment results
2010-08-23	Manuel Humberto Santander Pelaez	Firefox plugins to perform penetration testing activities
2010-08-16	Raul Siles	Blind Elephant: A New Web Application Fingerprinting Tool
2010-06-06	Manuel Humberto Santander Pelaez	Nice OS X exploit tutorial
2010-05-22	Rick Wanner	SANS 2010 Digital Forensics Summit - APT Based Forensic Challenge
2010-04-13	Adrien de Beaupre	Web App Testing Tools
2010-02-22	Rob VandenBrink	New Risks in Penetration Testing
2009-11-25	Jim Clausing	Updates to my GREM Gold scripts and a new script
2009-07-27	Raul Siles	New Hacker Challenge: Prison Break - Breaking, Entering & Decoding
2009-05-31	Tony Carothers	L0phtcrack is Back!
2009-04-21	Bojan Zdrnja	Web application vulnerabilities
2008-11-17	Jim Clausing	A new cheat sheet and a contest
2008-09-20	Rick Wanner	New (to me) nmap Features