Internet Storm Center
Date | Author | Title

BLUE TEAM
2022-09-19 | Russ McRee | Chainsaw: Hunt, search, and extract event log records
2022-06-10 | Russ McRee | EPSScall: An Exploit Prediction Scoring System App
2021-12-28 | Russ McRee | LotL Classifier tests for shells, exfil, and miners
2021-03-02 | Russ McRee | Adversary Simulation with Sim
2021-01-19 | Russ McRee | Gordon for fast cyber reputation checks
2020-08-12 | Russ McRee | To the Brim at the Gates of Mordor Pt. 1
2020-04-21 | Russ McRee | SpectX: Log Parser for DFIR
2020-01-21 | Russ McRee | DeepBlueCLI: Powershell Threat Hunting
2019-10-06 | Russ McRee | visNetwork for Network Data
2019-08-21 | Russ McRee | KAPE: Kroll Artifact Parser and Extractor
2019-04-05 | Russ McRee | Beagle: Graph transforms for DFIR data & logs
2019-02-05 | Rob VandenBrink | Mitigations against Mimikatz Style Attacks
2018-10-17 | Russ McRee | RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2018-06-16 | Russ McRee | Anomaly Detection & Threat Hunting with Anomalize
BLUE
2023-02-07 | Yee Ching Tok | A Survey of Bluetooth Vulnerabilities Trends (2023 Edition)
2022-09-19 | Russ McRee | Chainsaw: Hunt, search, and extract event log records
2022-07-05 | Jan Kopriva | EternalBlue 5 years after WannaCry and NotPetya
2022-06-10 | Russ McRee | EPSScall: An Exploit Prediction Scoring System App
2021-12-28 | Russ McRee | LotL Classifier tests for shells, exfil, and miners
2021-11-01 | Yee Ching Tok | Revisiting BrakTooth: Two Months Later
2021-08-31 | Yee Ching Tok | BrakTooth: Impacts, Implications and Next Steps
2021-03-06 | Xavier Mertens | Spotting the Red Team on VirusTotal!
2021-03-02 | Russ McRee | Adversary Simulation with Sim
2021-01-19 | Russ McRee | Gordon for fast cyber reputation checks
2020-11-16 | Jan Kopriva | Heartbleed, BlueKeep and other vulnerabilities that didn't disappear just because we don't talk about them anymore
2020-10-23 | Russ McRee | Sooty: SOC Analyst's All-in-One Tool
2020-08-12 | Russ McRee | To the Brim at the Gates of Mordor Pt. 1
2020-06-30 | Russ McRee | ISC Snapshot: SpectX IP Hitcount Query
2020-04-21 | Russ McRee | SpectX: Log Parser for DFIR
2020-02-27 | Xavier Mertens | Offensive Tools Are For Blue Teams Too
2020-01-21 | Russ McRee | DeepBlueCLI: Powershell Threat Hunting
2019-11-10 | Jan Kopriva | Did the recent malicious BlueKeep campaign have any positive impact when it comes to patching?
2019-11-08 | Xavier Mertens | Microsoft Apps Diverted from Their Main Use
2019-11-05 | Rick Wanner | Bluekeep exploitation causing Bluekeep vulnerability scan to fail
2019-10-06 | Russ McRee | visNetwork for Network Data
2019-08-21 | Russ McRee | KAPE: Kroll Artifact Parser and Extractor
2019-08-05 | Rick Wanner | Scanning for Bluekeep vulnerable RDP instances
2019-05-22 | Johannes Ullrich | An Update on the Microsoft Windows RDP "Bluekeep" Vulnerability (CVE-2019-0708) [now with pcaps]
2019-04-05 | Russ McRee | Beagle: Graph transforms for DFIR data & logs
2019-02-05 | Rob VandenBrink | Mitigations against Mimikatz Style Attacks
2018-10-17 | Russ McRee | RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2018-06-16 | Russ McRee | Anomaly Detection & Threat Hunting with Anomalize
2017-07-01 | Rick Wanner | Using nmap to scan for MS17-010 (CVE-2017-0143 EternalBlue)
2010-02-11 | Johannes Ullrich | MS10-015 may cause Windows XP to blue screen
TEAM
2022-09-23 | Xavier Mertens | Kids Like Cookies, Malware Too!
2022-09-19 | Russ McRee | Chainsaw: Hunt, search, and extract event log records
2022-06-10 | Russ McRee | EPSScall: An Exploit Prediction Scoring System App
2021-12-28 | Russ McRee | LotL Classifier tests for shells, exfil, and miners
2021-03-06 | Xavier Mertens | Spotting the Red Team on VirusTotal!
2021-03-02 | Russ McRee | Adversary Simulation with Sim
2021-01-19 | Russ McRee | Gordon for fast cyber reputation checks
2020-10-23 | Russ McRee | Sooty: SOC Analyst's All-in-One Tool
2020-08-12 | Russ McRee | To the Brim at the Gates of Mordor Pt. 1
2020-06-30 | Russ McRee | ISC Snapshot: SpectX IP Hitcount Query
2020-04-21 | Russ McRee | SpectX: Log Parser for DFIR
2020-02-27 | Xavier Mertens | Offensive Tools Are For Blue Teams Too
2020-01-21 | Russ McRee | DeepBlueCLI: Powershell Threat Hunting
2019-11-29 | Russ McRee | ISC Snapshot: Search with SauronEye
2019-11-08 | Xavier Mertens | Microsoft Apps Diverted from Their Main Use
2019-10-06 | Russ McRee | visNetwork for Network Data
2019-08-21 | Russ McRee | KAPE: Kroll Artifact Parser and Extractor
2019-07-16 | Russ McRee | Commando VM: The Complete Mandiant Offensive VM
2019-04-05 | Russ McRee | Beagle: Graph transforms for DFIR data & logs
2019-02-05 | Rob VandenBrink | Mitigations against Mimikatz Style Attacks
2018-10-17 | Russ McRee | RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2018-06-16 | Russ McRee | Anomaly Detection & Threat Hunting with Anomalize
2012-04-23 | Russ McRee | Emergency Operations Centers & Security Incident Management: A Correlation
2011-03-25 | Kevin Liston | APT Tabletop Exercise
2010-01-22 | Mari Nichols | Pass-down for a Successful Incident Response
2010-01-14 | Bojan Zdrnja | DRG (Dragon Research Group) Distro available for general release
2009-03-22 | Mari Nichols | Dealing with Security Challenges