| 2025-02-13 | Guy Bruneau | DShield SIEM Docker Updates |
| 2025-01-28 | Xavier Mertens | Fileless Python InfoStealer Targeting Exodus |
| 2024-12-20 | Xavier Mertens | Christmas "Gift" Delivered Through SSH |
| 2024-12-15 | Johannes Ullrich | Exploit attempts inspired by recent Struts2 File Upload Vulnerability (CVE-2024-53677, CVE-2023-50164) |
| 2024-09-16 | Xavier Mertens | Managing PE Files With Overlays |
| 2024-05-31 | Xavier Mertens | "K1w1" InfoStealer Uses gofile.io for Exfiltration |
| 2023-11-20 | Jesse La Grew | Overflowing Web Honeypot Logs |
| 2023-09-29 | Xavier Mertens | Are You Still Storing Passwords In Plain Text Files? |
| 2023-07-23 | Guy Bruneau | Install & Configure Filebeat on Raspberry Pi ARM64 to Parse DShield Sensor Logs |
| 2023-06-09 | Xavier Mertens | Undetected PowerShell Backdoor Disguised as a Profile File |
| 2023-04-04 | Johannes Ullrich | Analyzing the efile.com Malware "efail" |
| 2023-02-24 | Brad Duncan | URL files and WebDAV used for IcedID (Bokbot) infection |
| 2023-01-21 | Guy Bruneau | DShield Sensor JSON Log to Elasticsearch |
| 2023-01-04 | Rob VandenBrink | Update to RTRBK - Diff and File Dates in PowerShell |
| 2022-12-20 | Xavier Mertens | Linux File System Monitoring & Actions |
| 2022-07-25 | Xavier Mertens | PowerShell Script with Fileless Capability |
| 2022-07-17 | Didier Stevens | Python: Files In Use By Another Process |
| 2022-06-25 | Xavier Mertens | Malicious Code Passed to PowerShell via the Clipboard |
| 2022-06-04 | Guy Bruneau | Spam Email Contains a Very Large ISO file |
| 2022-06-03 | Xavier Mertens | Sandbox Evasion... With Just a Filename! |
| 2022-05-29 | Didier Stevens | Extracting The Overlay Of A PE File |
| 2022-05-28 | Didier Stevens | Huge Signed PE File: Keeping The Signature |
| 2022-05-26 | Didier Stevens | Huge Signed PE File |
| 2022-05-23 | Johannes Ullrich | Attacker Scanning for jQuery-File-Upload |
| 2022-05-20 | Xavier Mertens | A 'Zip Bomb' to Bypass Security Controls & Sandboxes |
| 2022-03-24 | Xavier Mertens | Malware Delivered Through Free Sharing Tool |
| 2021-09-11 | Guy Bruneau | Shipping to Elasticsearch Microsoft DNS Logs |
| 2021-05-02 | Didier Stevens | PuTTY And FileZilla Use The Same Fingerprint Registry Keys |
| 2021-04-10 | Guy Bruneau | Building an IDS Sensor with Suricata & Zeek with Logs to ELK |
| 2021-03-12 | Guy Bruneau | Microsoft DHCP Logs Shipped to ELK |
| 2021-02-12 | Xavier Mertens | AgentTesla Dropped Through Automatic Click in Microsoft Help File |
| 2020-06-12 | Xavier Mertens | Malicious Excel Delivering Fileless Payload |
| 2020-05-22 | Didier Stevens | Some Strings to Remember |
| 2020-05-04 | Didier Stevens | Sysmon and File Deletion |
| 2020-03-21 | Guy Bruneau | Honeypot - Scanning and Targeting Devices & Services |
| 2019-10-03 | Xavier Mertens | "Lost_Files" Ransomware |
| 2019-08-04 | Didier Stevens | Detecting ZLIB Compression |
| 2019-02-19 | Didier Stevens | Identifying Files: Failure Happens |
| 2018-11-05 | Johannes Ullrich | Struts 2.3 Vulnerable to Two Year old File Upload Flaw |
| 2017-11-29 | Xavier Mertens | Fileless Malicious PowerShell Sample |
| 2017-10-30 | Didier Stevens | PE files and debug info |
| 2017-10-24 | Xavier Mertens | Stop relying on file extensions |
| 2017-07-19 | Xavier Mertens | Bots Searching for Keys & Config Files |
| 2017-07-02 | Didier Stevens | PE Section Name Descriptions |
| 2017-05-26 | Lorna Hutcheson | File2pcap - A new tool for your toolkit! |
| 2016-08-24 | Xavier Mertens | Example of Targeted Attack Through a Proxy PAC File |
| 2016-05-21 | Didier Stevens | Python Malware - Part 2 |
| 2016-03-30 | Xavier Mertens | What to watch with your FIM? |
| 2016-01-20 | Xavier Mertens | /tmp, %TEMP%, ~/Desktop, T:\, ... A goldmine for pentesters! |
| 2015-07-12 | Didier Stevens | Jump List Files Are OLE Files |
| 2014-03-17 | Johannes Ullrich | Scans for FCKEditor File Manager |
| 2014-02-28 | Daniel Wesemann | Oversharing |
| 2014-01-11 | Guy Bruneau | tcpflow 1.4.4 and some of its most Interesting Features |
| 2013-08-26 | Alex Stanford | Stop, Drop and File Carve |
| 2013-08-21 | Alex Stanford | Psst. Your Browser Knows All Your Secrets. |
| 2011-11-28 | Tom Liston | A Puzzlement... |
| 2011-08-15 | Mark Hofman | How to find unwanted files on workstations |
| 2009-12-28 | Johannes Ullrich | 8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug) |
| 2009-08-13 | Jim Clausing | Tools for extracting files from pcaps |
| 2009-06-27 | Tony Carothers | New NIAP Strategy on the Horizon |
| 2009-05-27 | donald smith | Host file black lists |
| 2009-05-25 | Jim Clausing | More tools for (US) Memorial Day |
| 2008-03-13 | Jason Lam | Remote File Include spoof!? |
