Date Author Title
2025-06-13Jesse La Grew[Guest Diary] Anatomy of a Linux SSH Honeypot Attack: Detailed Analysis of Captured Malware
2025-05-30Jesse La GrewUsage of "passwd" Command in DShield Honeypots
2025-05-28Jesse La Grew[Guest Diary] Exploring a Use Case of Artificial Intelligence Assistance with Understanding an Attack
2025-03-06Guy BruneauDShield Traffic Analysis using ELK
2025-02-13Guy BruneauDShield SIEM Docker Updates
2024-12-26Jesse La GrewCapturing Honeypot Data Beyond the Logs
2024-10-17Guy BruneauScanning Activity from Subnet 15.184.0.0/16
2024-10-03Guy BruneauKickstart Your DShield Honeypot [Guest Diary]
2024-08-27Guy BruneauVega-Lite with Kibana to Parse and Display IP Activity over Time
2024-02-03Guy BruneauDShield Sensor Log Collection with Elasticsearch
2024-01-30Johannes UllrichWhat did I say to make you stop talking to me?
2023-07-23Guy BruneauInstall & Configure Filebeat on Raspberry Pi ARM64 to Parse DShield Sensor Logs
2023-05-24Jesse La GrewMore Data Enrichment for Cowrie Logs
2022-05-03Johannes UllrichSome Honeypot Updates
2020-04-02Tom WebbTPOT's Cowrie to ISC Logs
2016-03-13Xavier MertensSSH Honeypots (Ab)used as Proxy