RED TEAM |
| 2019-11-29 | Russ McRee | ISC Snapshot: Search with SauronEye |
| 2019-08-21 | Russ McRee | KAPE: Kroll Artifact Parser and Extractor |
| 2019-07-16 | Russ McRee | Commando VM: The Complete Mandiant Offensive VM |
| 2019-04-05 | Russ McRee | Beagle: Graph transforms for DFIR data & logs |
| 2018-10-17 | Russ McRee | RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence |
RED |
| 2020-11-18/a> | Xavier Mertens | When Security Controls Lead to Security Issues |
| 2020-07-16/a> | John Bambenek | Hunting for SigRed Exploitation |
| 2020-07-15/a> | Johannes Ullrich | PATCH NOW - SIGRed - CVE-2020-1350 - Microsoft DNS Server Vulnerability |
| 2020-04-27/a> | Xavier Mertens | Powershell Payload Stored in a PSCredential Object |
| 2020-02-27/a> | Xavier Mertens | Offensive Tools Are For Blue Teams Too |
| 2020-02-25/a> | Jan Kopriva | Quick look at a couple of current online scam campaigns |
| 2019-11-29/a> | Russ McRee | ISC Snapshot: Search with SauronEye |
| 2019-11-09/a> | Guy Bruneau | Fake Netflix Update Request by Text |
| 2019-11-08/a> | Xavier Mertens | Microsoft Apps Diverted from Their Main Use |
| 2019-08-28/a> | Johannes Ullrich | [Guest Diary] Open Redirect: A Small But Very Common Vulnerability |
| 2019-08-21/a> | Russ McRee | KAPE: Kroll Artifact Parser and Extractor |
| 2019-07-16/a> | Russ McRee | Commando VM: The Complete Mandiant Offensive VM |
| 2019-04-05/a> | Russ McRee | Beagle: Graph transforms for DFIR data & logs |
| 2018-10-17/a> | Russ McRee | RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence |
| 2017-12-27/a> | Guy Bruneau | What are your Security Challenges for 2018? |
| 2016-09-09/a> | Xavier Mertens | Collecting Users Credentials from Locked Devices |
| 2016-06-29/a> | Xavier Mertens | Phishing Campaign with Blurred Images |
| 2016-01-05/a> | Guy Bruneau | What are you Concerned the Most in 2016? |
| 2015-05-23/a> | Guy Bruneau | Business Value in "Big Data" |
| 2015-03-18/a> | Daniel Wesemann | Pass the hash! |
| 2015-01-31/a> | Guy Bruneau | Beware of Phishing and Spam Super Bowl Fans! |
| 2014-11-24/a> | Richard Porter | Someone is using this? PoS: Compressor |
| 2014-09-12/a> | Chris Mohan | Are credential dumps worth reviewing? |
| 2014-07-03/a> | Johannes Ullrich | Credit Card Processing in 700 Words or Less |
| 2014-06-13/a> | Richard Porter | A welcomed response, PF Chang's |
| 2013-12-19/a> | Rob VandenBrink | Target US - Credit Card Data Breach |
| 2013-09-23/a> | Rob VandenBrink | How do you spell "PSK"? |
| 2013-07-12/a> | Johannes Ullrich | DNS resolution is failing for Microsofts Teredo server (teredo.ipv6.microsoft.com) |
| 2013-07-12/a> | Johannes Ullrich | Microsoft Teredo Server "Sunset" |
| 2013-03-09/a> | Guy Bruneau | IPv6 Focus Month: IPv6 Encapsulation - Protocol 41 |
| 2013-02-21/a> | Pedro Bueno | NBC site redirecting to Exploit kit |
| 2011-05-03/a> | Johannes Ullrich | Analyzing Teredo with tshark and Wireshark |
| 2011-01-03/a> | Johannes Ullrich | What Will Matter in 2011 |
| 2010-07-24/a> | Manuel Humberto Santander Pelaez | Transmiting logon information unsecured in the network |
| 2010-06-15/a> | Manuel Humberto Santander Pelaez | Mastercard delivering cards with OTP device included |
| 2010-04-22/a> | John Bambenek | Data Redaction: You're Doing it Wrong |
| 2010-02-16/a> | Jim Clausing | Teredo request for packets |
| 2010-02-16/a> | Johannes Ullrich | Teredo "stray packet" analysis |
| 2009-07-28/a> | Adrien de Beaupre | YYAMCCBA |
| 2009-05-18/a> | Rick Wanner | JSRedir-R/Gumblar badness |
TEAM |
| 2020-10-23/a> | Russ McRee | Sooty: SOC Analyst's All-in-One Tool |
| 2020-08-12/a> | Russ McRee | To the Brim at the Gates of Mordor Pt. 1 |
| 2020-06-30/a> | Russ McRee | ISC Snapshot: SpectX IP Hitcount Query |
| 2020-04-21/a> | Russ McRee | SpectX: Log Parser for DFIR |
| 2020-02-27/a> | Xavier Mertens | Offensive Tools Are For Blue Teams Too |
| 2020-01-21/a> | Russ McRee | DeepBlueCLI: Powershell Threat Hunting |
| 2019-11-29/a> | Russ McRee | ISC Snapshot: Search with SauronEye |
| 2019-11-08/a> | Xavier Mertens | Microsoft Apps Diverted from Their Main Use |
| 2019-10-06/a> | Russ McRee | visNetwork for Network Data |
| 2019-08-21/a> | Russ McRee | KAPE: Kroll Artifact Parser and Extractor |
| 2019-07-16/a> | Russ McRee | Commando VM: The Complete Mandiant Offensive VM |
| 2019-04-05/a> | Russ McRee | Beagle: Graph transforms for DFIR data & logs |
| 2019-02-05/a> | Rob VandenBrink | Mitigations against Mimikatz Style Attacks |
| 2018-10-17/a> | Russ McRee | RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence |
| 2018-06-16/a> | Russ McRee | Anomaly Detection & Threat Hunting with Anomalize |
| 2012-04-23/a> | Russ McRee | Emergency Operations Centers & Security Incident Management: A Correlation |
| 2011-03-25/a> | Kevin Liston | APT Tabletop Exercise |
| 2010-01-22/a> | Mari Nichols | Pass-down for a Successful Incident Response |
| 2010-01-14/a> | Bojan Zdrnja | DRG (Dragon Research Group) Distro available for general release |
| 2009-03-22/a> | Mari Nichols | Dealing with Security Challenges |
