- Filter by
- Categories
- Tags
- Authors
- Show all
- All
- Analysis
- Android
- Chapters
- Data-Mining
- Encryption
- Forensic Challenges
- Google Summer of Code
- Honeypot
- Know Your Enemy
- News
- Uncategorized
- Workshop
- All
- 2010
- 2018
- 6guard
- active defense
- Active Response Continuum
- activities
- afterglow
- afterglow cloud
- aggressive network defense
- ajgamma.liveblog.com
- AliIkinci
- Analysis
- android
- annual
- annual status report
- anti-debugging
- APIMonitor
- APK
- APKinspector android malware static analysis
- ARE
- arp spoof
- Art
- ASLR
- assembly
- attack
- Attack Graph
- Attribution
- axis
- beginner
- Beta
- Bifrozt
- blogging
- botnet
- botnet monitoring
- botnet protocols
- Botnets
- browsers under attack
- c++
- canberra
- capture-hpc
- capture-hpc honeyclient honeyspider
- carberp
- CEO
- CFG
- challenge
- challenge 2
- chapter
- Citadel
- civil process
- client
- clustering
- code of conduct
- Computer Fraud and Abuse Act
- conference
- conficker
- conpot
- control flow
- counter-attack
- criminal process
- cro
- Crowdstrike
- cuckoo
- cuckoo sandbox androguard gsoc
- cuckoo sandbox malware analysis
- d3.v2
- Dalvik
- Damballa
- data
- data link layer attacks
- data mining
- Data model Honeyweb tutorial
- data visualization
- dbscan
- DDoS
- DDOS Honeypot
- debian
- decompilation
- demo
- DEP
- dependencies
- detect
- detection
- dhcp starvation
- dionaea
- Django
- Docker
- Dorothy
- downadup
- dpkt
- droidbot
- droidbox
- dubai
- dubai2013
- Dynamic
- dynamic analysis
- dynamic malware analysis virtuaization cuckoo gsoc
- EAT filtering
- emet
- Emulation
- encrypted traffic
- encryption
- ethics
- exploit
- exploit replay
- explot
- FC10
- feature
- Feature 1
- flash
- flow
- focus
- Forensic Challenge
- Forensic Challenge 2010
- forensic challenges
- forensics
- format
- framework
- framework honeypot
- frontend
- ftp
- Fuzzy hashing
- GeoDjango
- georg
- Ghost
- glaspot
- glastopf
- GlastopNG
- globalpot
- google summer of code
- Graphviz
- greedybear
- gsoc
- gsoc 2012
- GSoC 2013
- gsoc glutton
- gsoc google
- gsoc gsoc2010
- gsoc gsoc2011
- gsoc snare tanner
- GSoC11
- GSOC2011
- gsoc2011 gsoc
- gsoc2012
- gsoc2013
- gsoc2014
- gsoc2015
- gsoc2016
- gsoc2017
- gsoc2018
- gsoc2020
- GUI
- hack back
- Hackback
- Hacking Back
- Heralding
- HeX
- high interaction honeypot
- hnw2015
- HNW2016
- honeybrid gsoc introduction
- honeybrid gsoc parser
- honeybrid gsoc redirection
- honeybrid gsoc testing
- honeyclient
- honeydrive
- honeymap
- honeyned
- honeynet
- Honeynet Blogs
- honeypot
- honeypots
- honeysink
- honeywall
- honeyweb
- Hong Kong
- Hook
- hpfeeds
- HPSoC
- hpw2012 workshop norman
- HPW2015
- http https proxy gsoc honeyproxy forensics
- hugo gonzalez
- humanitarian law
- ICS
- images
- Imalse
- improper ruse
- infection monkey
- integrity
- intelowl
- interesting
- ipv6
- IRB
- Iteolih
- Iteolih Samba DCERPC Python
- Iteolih Samba DCERPC Python libemu
- Kelihos
- Kelihos.B/Hlux.B
- kippo
- kippo SSH honeypot
- kmeans
- KYE
- KYT
- Law
- law of war
- Layer 2
- layout
- legal
- lessons learned
- libemu
- link-local
- linux
- log record
- logging
- logs
- low-interaction
- Lukas Rist
- MAC flood
- machine learning
- mahmud
- Main blog
- Malaysian Honeynet chapter
- malicious
- malware
- Malware
- malware sandbox cuckoo
- Mariposa
- Meet our new CEO Andre
- Mexican Chapter Annual Report
- Microsoft
- mitmproxy
- Mobile
- mobile HosTage
- mohpt
- Monday
- monthly
- murofet
- nebula
- network
- network traffic
- New Honeynet Project Challenge (#7): Forensic Analysis of a Compromised Server
- new version
- news
- Norway
- oxff
- paper
- parallel coordinates
- parser
- peepdf
- phoneyc
- phoneyc paper leet09 honeyclient
- picviz
- project
- project news
- protocol
- protocols
- publication
- python
- qebek
- qebek sebek qemu windows
- qebek windows
- qebek windows socket network
- qemu
- qemu hook
- qemu qebek
- question
- re-google
- readables
- reading
- release
- replay
- replica bags
- report
- reports
- research
- reverse engineering
- reversing
- ROP
- rumal
- Sambacry
- San Antonio
- sandbox
- sandbox evasion
- SCADA
- scan
- scanner
- sebek
- sebek visualization
- security
- shellcode
- shockpot
- signature
- Simpilified Chinese
- Simplified Chinese
- Simulation
- sink
- sinkhole
- smartphone
- snare
- snort
- social honeypots
- social networks
- spam
- spamscope
- spanish chapter
- speak
- spidermonkey
- splunk
- statistic
- statistics
- status
- Stavanger
- stix
- Storm Worm
- Stormfucker
- STP manipulation
- student
- Symantec
- taiwan
- takedown
- talk
- Tallinn Manual
- tanner
- taxii
- The Italian Honeynet Chapter
- the Menlo Report
- threatintel
- thug
- thug-vagrant
- tool
- tpot
- traceexploit
- Traditional Chinese
- traffic analyze
- translation
- trojan
- twman
- UI framework
- UK Chapter
- update
- vagrant
- Video
- visualization
- vlan hopping
- vulnerabilities
- Waledac
- Wannacry
- web honeypot
- web server botnet
- webhoneypot
- webservice
- White Paper
- windows
- wireshark
- wireshnork
- wordpot
- workshop
- workshop 2012 facebook
- workshop facebook
- worldmap
- zeus
- zoom
- 繁體中文
- 鑑識分析挑戰
- 香港
February 27, 2015
Published by David Dittrich at February 27, 2015
Categories
Uncategorized
In the first part of this two part blog post, the issue of anticipating retaliation during an aggressive battle to wrest control of a DDoS botnet […]
February 17, 2015
Published by David Dittrich at February 17, 2015
Categories
Uncategorized
This blog post is the first of a two-part series in response to the Wired article of Oct 14, 2014, “How Microsoft Appointed Itself Sheriff of […]
June 9, 2013
Published by Marco Riccardi at June 9, 2013
Categories
Howdy all,I’ve the pleasure to *finally* unveil the second version of Dorothy: a malware/botnet analysis framework written in Ruby. Dorothy2 is a framework created for mass […]
March 11, 2013
Published by David Dittrich at March 11, 2013
Categories
Uncategorized
On March 4, 2013, a contest was held at the Nullcon conference in Goa, India, to see who could take over a botnet. The Times of […]
March 31, 2012
Published by Christian Seifert at March 31, 2012
Categories
Uncategorized
On Wednesday, March 21, 2012, an operation by security experts from Dell SecureWorks, CrowdStrike, Kaspersky, and the Honeynet Project was initiated to sinkhole infected computers in […]
March 28, 2012
Published by David Dittrich at March 28, 2012
Categories
Uncategorized
On Sunday, March 25, Microsoft announced that for the fourth time, they had gone to a federal court and successfully obtained an ex parte temporary restraining […]