2021-01-19 | Russ McRee | Gordon for fast cyber reputation checks |
2020-10-23 | Russ McRee | Sooty: SOC Analyst's All-in-One Tool |
2020-08-12 | Russ McRee | To the Brim at the Gates of Mordor Pt. 1 |
2020-06-30 | Russ McRee | ISC Snapshot: SpectX IP Hitcount Query |
2020-04-21 | Russ McRee | SpectX: Log Parser for DFIR |
2020-01-21 | Russ McRee | DeepBlueCLI: Powershell Threat Hunting |
2019-10-06 | Russ McRee | visNetwork for Network Data |
2019-06-04 | Russ McRee | ISC snapshot: r-cyber with rud.is |
2019-04-05 | Russ McRee | Beagle: Graph transforms for DFIR data & logs |
2018-12-19 | Xavier Mertens | Using OSSEC Active-Response as a DFIR Framework |
2018-11-11 | Pasquale Stirparo | Community contribution: joining forces or multiply solutions? |
2018-11-04 | Pasquale Stirparo | Beyond good ol' LaunchAgent - part 1 |
2018-08-26 | Didier Stevens | "When was this machine infected?" |
2018-06-16 | Russ McRee | Anomaly Detection & Threat Hunting with Anomalize |
2017-12-14 | Russ McRee | Detection Lab: Visibility & Introspection for Defenders |
2017-09-28 | Xavier Mertens | The easy way to analyze huge amounts of PCAP data |
2017-07-09 | Russ McRee | Adversary hunting with SOF-ELK |
2016-11-20 | Pasquale Stirparo | How many “Epoch” times? Epocalypse.py timestamp converter |
2016-10-31 | Russ McRee | SEC505 DFIR capture script: snapshot.ps1 |
2015-08-17 | Russ McRee | Tool Tip: Kansa Stafford released, PowerShell for DFIR |