Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Diaries by Keyword - SANS Internet Storm Center Diaries by Keyword

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title

PYTHON 32

2011-02-21Adrien de BeaupreWhat’s New, it's Python 3.2

PYTHON

2022-04-21/a>Xavier MertensMulti-Cryptocurrency Clipboard Swapper
2022-01-20/a>Xavier MertensRedLine Stealer Delivered Through FTP
2022-01-07/a>Xavier MertensCustom Python RAT Builder
2022-01-06/a>Xavier MertensMalicious Python Script Targeting Chinese People
2021-12-10/a>Xavier MertensPython Shellcode Injection From JSON Data
2021-12-01/a>Xavier MertensInfo-Stealer Using webhook.site to Exfiltrate Data
2021-08-30/a>Xavier MertensCryptocurrency Clipboard Swapper Delivered With Love
2021-07-16/a>Xavier MertensMultiple BaseXX Obfuscations
2021-07-08/a>Xavier MertensUsing Sudo with Python For More Security Controls
2021-07-06/a>Xavier MertensPython DLL Injection Check
2021-07-02/a>Xavier Mertens"inception.py"... Multiple Base64 Encodings
2021-06-11/a>Xavier MertensKeeping an Eye on Dangerous Python Modules
2021-05-31/a>Rick WannerQuick and dirty Python: nmap
2021-05-04/a>Rick WannerQuick and dirty Python: masscan
2021-04-29/a>Xavier MertensFrom Python to .Net
2021-04-09/a>Xavier MertensNo Python Interpreter? This Simple RAT Installs Its Own Copy
2021-04-02/a>Xavier MertensC2 Activity: Sandboxes or Real Victims?
2021-03-18/a>Xavier MertensSimple Python Keylogger
2020-12-10/a>Xavier MertensPython Backdoor Talking to a C2 Through Ngrok
2020-11-20/a>Xavier MertensMalicious Python Code and LittleSnitch Detection
2020-11-09/a>Xavier MertensHow Attackers Brush Up Their Malicious Scripts
2020-10-20/a>Xavier MertensMirai-alike Python Scanner
2020-10-14/a>Xavier MertensNicely Obfuscated Python RAT
2020-09-18/a>Xavier MertensA Mix of Python & VBA in a Malicious Word Document
2020-09-03/a>Xavier MertensSandbox Evasion Using NTP
2020-09-02/a>Xavier MertensPython and Risky Windows API Calls
2020-08-18/a>Xavier MertensUsing API's to Track Attackers
2020-07-30/a>Johannes UllrichPython Developers: Prepare!!!
2019-10-29/a>Xavier MertensGenerating PCAP Files from YAML
2018-11-26/a>Russ McReeViperMonkey: VBA maldoc deobfuscation
2017-11-23/a>Xavier MertensProactive Malicious Domain Search
2017-10-05/a>Johannes Ullrichpcap2curl: Turning a pcap file into a set of cURL commands for "replay"
2017-08-22/a>Xavier MertensDefang all the things!
2017-04-19/a>Xavier MertensHunting for Malicious Excel Sheets
2017-01-12/a>Mark BaggettSystem Resource Utilization Monitor
2017-01-01/a>Didier Stevenspy2exe Decompiling - Part 1
2016-11-27/a>Russ McReeScapy vs. CozyDuke
2016-07-25/a>Didier StevensPython Malware - Part 4
2016-07-16/a>Didier StevensPython Malware - Part 3
2016-05-15/a>Didier StevensPython Malware - Part 1
2014-12-04/a>Mark BaggettAutomating Incident data collection with Python
2011-02-21/a>Adrien de BeaupreWhat’s New, it's Python 3.2
2010-08-15/a>Manuel Humberto Santander PelaezPython to test web application security
2010-06-14/a>Manuel Humberto Santander PelaezPython on a microcontroller?
2010-03-30/a>Marcus SachsZigbee Analysis Tools
2010-02-17/a>Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x
2009-05-25/a>Jim ClausingMore tools for (US) Memorial Day

32

2021-05-21/a>Xavier MertensLocking Kernel32.dll As Anti-Debugging Technique
2021-05-18/a>Xavier MertensFrom RunDLL32 to JavaScript then PowerShell
2019-04-02/a>Johannes UllrichFake AV is Back: LaCie Network Drives Used to Spread Malware
2018-10-10/a>Xavier MertensNew Campaign Using Old Equation Editor Vulnerability
2017-09-05/a>Johannes UllrichThe Mirai Botnet: A Look Back and Ahead At What's Next
2014-07-07/a>Johannes UllrichMulti Platform *Coin Miner Attacking Routers on Port 32764
2014-03-02/a>Stephen HallSymantec goes yellow
2013-10-25/a>Rob VandenBrinkKaspersky flags TCPIP.SYS as Malware
2013-08-16/a>Kevin ListonCVE-2013-2251 Apache Struts 2.X OGNL Vulnerability
2013-02-22/a>Chris MohanPHP 5.4.12 and PHP 5.3.22 released http://www.php.net/ChangeLog-5.php
2013-01-09/a>Richard PorterThe 80's called - They Want Their Mainframe Back!
2012-09-23/a>Tony CarothersUpdate for CVE-2012-3132
2012-09-09/a>Guy BruneauPhishing/Spam Pretending to be from BBB
2011-12-21/a>Johannes UllrichNew Vulnerability in Windows 7 64 bit
2011-02-21/a>Adrien de BeaupreWhat’s New, it's Python 3.2
2010-09-17/a>Robert DanfordCirca 2007 Linux Kernel Vulnerability Resurfaces (Was CVE-2007-4573, Now CVE-2010-3301)
2010-01-04/a>Bojan ZdrnjaSophisticated, targeted malicious PDF documents exploiting CVE-2009-4324
2009-07-12/a>Mari NicholsCA Apologizes for False Positive
2008-08-15/a>Jim ClausingAnother MS update that may have escaped notice
2008-04-27/a>Marcus SachsWhat's With Port 20329?