Internet Storm Center
Sign In
Sign Up
Handler on Duty:
Didier Stevens
Threat Level:
green
Date
Author
Title
2025-04-16
Guy Bruneau
RedTail, Remnux and Malware Management [Guest Diary]
2025-02-20
Guy Bruneau
Using ES|QL in Kibana to Queries DShield Honeypot Logs
2024-10-03
Guy Bruneau
Kickstart Your DShield Honeypot [Guest Diary]
2024-09-25
Guy Bruneau
OSINT - Image Analysis or More Where, When, and Metadata [Guest Diary]
2024-09-11
Guy Bruneau
Hygiene, Hygiene, Hygiene! [Guest Diary]
2024-09-04
Guy Bruneau
Attack Surface [Guest Diary]
2024-08-27
Guy Bruneau
Vega-Lite with Kibana to Parse and Display IP Activity over Time
2024-08-20
Guy Bruneau
Mapping Threats with DNSTwist and the Internet Storm Center [Guest Diary]
2024-08-07
Guy Bruneau
Same Scripts, Different Day: What My DShield Honeypot Taught Me About the Importance of Security Fundamentals [Guest Diary]
2024-07-16
Guy Bruneau
Who You Gonna Call? AndroxGh0st Busters! [Guest Diary]
2024-06-26
Guy Bruneau
What Setting Live Traps for Cybercriminals Taught Me About Security [Guest Diary]
2024-06-13
Guy Bruneau
The Art of JQ and Command-line Fu [Guest Diary]
2024-05-28
Guy Bruneau
Is that It? Finding the Unknown: Correlations Between Honeypot Logs & PCAPs [Guest Diary]
2024-05-22
Guy Bruneau
Analysis of ?redtail? File Uploads to ICS Honeypot, a Multi-Architecture Coin Miner [Guest Diary]
2024-04-07
Guy Bruneau
A Use Case for Adding Threat Hunting to Your Security Operations Team. Detecting Adversaries Abusing Legitimate Tools in A Customer Environment. [Guest Diary]
2022-12-20
Xavier Mertens
Linux File System Monitoring & Actions
2022-12-19
Xavier Mertens
Hunting for Mastodon Servers
2021-03-17
Xavier Mertens
Defenders, Know Your Operating System Like Attackers Do!
2020-08-24
Xavier Mertens
Tracking A Malware Campaign Through VT
2020-01-25
Guy Bruneau
Is Threat Hunting the new Fad?
2020-01-21
Russ McRee
DeepBlueCLI: Powershell Threat Hunting
2019-10-10
Rob VandenBrink
Mining Live Networks for OUI Data Oddness
2019-07-17
Xavier Mertens
Analyzis of DNS TXT Records
2019-03-27
Xavier Mertens
Running your Own Passive DNS Service
2018-11-20
Xavier Mertens
Querying DShield from Cortex
2018-10-17
Russ McRee
RedHunt Linux - Adversary Emulation, Threat Hunting & Intelligence
2018-09-20
Xavier Mertens
Hunting for Suspicious Processes with OSSEC
2018-08-10
Remco Verhoef
Hunting SSL/TLS clients using JA3
2018-06-21
Xavier Mertens
Are Your Hunting Rules Still Working?
2017-12-02
Xavier Mertens
Using Bad Material for the Good
2017-11-23
Xavier Mertens
Proactive Malicious Domain Search
2017-10-18
Renato Marinho
Baselining Servers to Detect Outliers
2017-09-02
Xavier Mertens
AutoIT based malware back in the wild
2017-03-15
Xavier Mertens
Retro Hunting!
2016-07-12
Xavier Mertens
Hunting for Malicious Files with MISP + OSSEC
Homepage
Diaries
Podcasts
Jobs
Data
TCP/UDP Port Activity
Port Trends
SSH/Telnet Scanning Activity
Weblogs
Threat Feeds Activity
Threat Feeds Map
Useful InfoSec Links
Presentations & Papers
Research Papers
API
Tools
DShield Sensor
DNS Looking Glass
Honeypot (RPi/AWS)
InfoSec Glossary
Contact Us
Contact Us
About Us
Handlers
About Us
Slack Channel
Mastodon
Bluesky
X
Subscribe to the daily podcast via
RSS
or
iTunes
