Internet Storm Center
| Date | Author | Title |
|---|---|---|
| 2023-11-16 | Johannes Ullrich | Beyond -n: Optimizing tcpdump performance |
| 2023-08-04 | Xavier Mertens | Are Leaked Credentials Dumps Used by Attackers? |
| 2023-03-29 | Didier Stevens | Extracting Multiple Streams From OLE Files |
| 2023-02-26 | Didier Stevens | oledump & MSI Files |
| 2023-02-01 | Jesse La Grew | Rotating Packet Captures with pfSense |
| 2022-07-24 | Didier Stevens | Video: Maldoc: non-ASCII VBA Identifiers |
| 2022-07-21 | Didier Stevens | Maldoc: non-ASCII VBA Identifiers |
| 2022-05-14 | Didier Stevens | Quick Analysis Of Phishing MSG |
| 2022-04-29 | Rob VandenBrink | Using Passive DNS sources for Reconnaissance and Enumeration |
| 2022-03-10 | Xavier Mertens | Credentials Leaks on VirusTotal |
| 2022-03-05 | Didier Stevens | oledump's Extra Option |
| 2021-08-01 | Didier Stevens | procdump Version 10.1 |
| 2021-07-03 | Didier Stevens | Finding Strings With oledump.py |
| 2021-06-28 | Didier Stevens | CFBF Files Strings Analysis |
| 2021-06-20 | Didier Stevens | Video: oledump Cheat Sheet |
| 2020-12-26 | Didier Stevens | base64dump.py Supported Encodings |
| 2020-12-06 | Didier Stevens | oledump's Indicators (video) |
| 2020-11-24 | Johannes Ullrich | The special case of TCP RST |
| 2020-11-15 | Didier Stevens | oledump's ! Indicator |
| 2020-11-08 | Didier Stevens | Quick Tip: Extracting all VBA Code from a Maldoc |
| 2020-10-11 | Didier Stevens | Analyzing MSG Files With plugin_msg_summary |
| 2019-12-23 | Didier Stevens | New oledump.py plugin: plugin_version_vba |
| 2019-10-03 | Jim Clausing | Buffer overflows found in libpcap and tcpdump |
| 2019-07-15 | Didier Stevens | isodump.py and Malicious ISO Files |
| 2019-05-10 | Xavier Mertens | DSSuite - A Docker Container with Didier's Tools |
| 2018-10-10 | Xavier Mertens | "OG" Tools Remain Valuable |
| 2018-08-15 | Xavier Mertens | Truncating Payloads and Anonymizing PCAP files |
| 2018-01-18 | Xavier Mertens | Comment your Packet Captures! |
| 2017-09-28 | Xavier Mertens | The easy way to analyze huge amounts of PCAP data |
| 2017-02-02 | Rick Wanner | New tcpdump release -> 4.9.0 http://www.tcpdump.org/#latest-release |
| 2017-01-31 | Johannes Ullrich | Multiple Vulnerabilities in tcpdump |
| 2016-11-05 | Xavier Mertens | Full Packet Capture for Dummies |
| 2016-08-06 | Didier Stevens | rtfdump |
| 2015-07-12 | Didier Stevens | Jump List Files Are OLE Files |
| 2015-03-16 | Johannes Ullrich | Automatically Documenting Network Connections From New Devices Connected to Home Networks |
| 2015-02-19 | Daniel Wesemann | Macros? Really?! |
| 2014-09-12 | Chris Mohan | Are credential dumps worth reviewing? |
| 2014-07-05 | Guy Bruneau | Malware Analysis with pedump |
| 2013-12-12 | Basil Alawi S.Taher | Acquiring Memory Images with Dumpit |
| 2013-11-27 | Rob VandenBrink | ATM Traffic + TCPDump + Video = Good or Evil? |
| 2013-11-13 | Johannes Ullrich | Packet Challenge for the Hivemind: What's happening with this Ethernet header? |
| 2013-09-02 | Guy Bruneau | Snort IDS Sensor with Sguil New ISO Released |
| 2013-05-20 | Guy Bruneau | Sysinternals Updates for Accesschk, Procdump, RAMMap and Strings http://blogs.technet.com/b/sysinternals/archive/2013/05/17/updates-accesschk-v5-11-procdump-v6-0-rammap-v1-22-strings-v2-51.aspx |
| 2011-10-23 | Guy Bruneau | tcpdump and IPv6 |
| 2011-08-13 | Rick Wanner | MoonSols Dumpit released...for free! |
| 2011-01-25 | Johannes Ullrich | Packet Tricks with xxd |
| 2011-01-24 | Rob VandenBrink | Where have all the COM Ports Gone? - How enumerating COM ports led to me finding a “misplaced” Microsoft tool |
| 2010-06-03 | Johannes Ullrich | Top 10 Things you may not know about tcpdump |
| 2009-11-18 | Rob VandenBrink | Using a Cisco Router as a “Remote Collector” for tcpdump or Wireshark |
| 2009-10-02 | Stephen Hall | New SysInternal fun for the weekend |
| 2009-09-19 | Rick Wanner | Sysinternals Tools Updates |
| 2009-06-28 | Guy Bruneau | IP Address Range Search with libpcap |