Date Author Title
2024-10-03Guy BruneauKickstart Your DShield Honeypot [Guest Diary]
2024-07-25Xavier MertensXWorm Hidden With Process Hollowing
2023-11-09Xavier MertensVisual Examples of Code Injection
2023-08-26Xavier MertensmacOS: Who?s Behind This Network Connection?
2023-05-24Jesse La GrewMore Data Enrichment for Cowrie Logs
2022-09-14Xavier MertensEasy Process Injection within Python
2022-03-15Xavier MertensClean Binaries with Suspicious Behaviour
2021-05-30Didier StevensSysinternals: Procmon, Sysmon, TcpView and Process Explorer update
2021-03-04Xavier MertensFrom VBS, PowerShell, C Sharp, Process Hollowing to RAT
2021-01-17Didier StevensNew Release of Sysmon Adding Detection for Process Tampering
2020-02-16Guy BruneauSOAR or not to SOAR?
2019-06-27Rob VandenBrinkFinding the Gold in a Pile of Pennies - Long Tail Analysis in PowerShell
2018-09-20Xavier MertensHunting for Suspicious Processes with OSSEC
2018-07-03Didier StevensProgress indication for scripts on Windows
2015-07-17Didier StevensProcess Explorer and VirusTotal
2014-04-27Tony CarothersThe Dreaded "D" Word of IT
2014-02-27Richard PorterDDoS and BCP 38
2014-02-10Rob VandenBrinkA Tale of Two Admins (and no Change Control)
2014-02-07Rob VandenBrinkHello Virustotal? It's Microsoft Calling.
2013-02-06Adam SwangerSysinternals in particular Process Explorer update https://blogs.technet.com/b/sysinternals/?Redirected=true
2012-01-13Guy BruneauSysinternals Updates - http://blogs.technet.com/b/sysinternals/archive/2012/01/13/updates-autoruns-v11-21-coreinfo-v3-03-portmon-v-3-03-process-explorer-v15-12-mark-s-blog-and-mark-at-rsa-2012.aspx
2011-12-19Guy BruneauProcess Explorer Update 15.11 with bugfixes - http://technet.microsoft.com/en-us/sysinternals/bb896653
2010-01-23Lorna HutchesonThe necessary evils: Policies, Processes and Procedures
2009-10-22Adrien de BeaupreCyber Security Awareness Month - Day 22 port 502 TCP - Modbus
2009-09-19Rick WannerSysinternals Tools Updates
2009-08-30Tony CarothersHow do I recover from.....?