| 2024-07-01 | Johannes Ullrich | SSH "regreSSHion" Remote Code Execution Vulnerability in OpenSSH. |
| 2023-06-29 | Brad Duncan | GuLoader- or DBatLoader/ModiLoader-style infection for Remcos RAT |
| 2023-03-31 | Guy Bruneau | Using Linux grep and Windows findstr to Manipulate Files |
| 2022-01-01 | Didier Stevens | Expect Regressions |
| 2021-07-30 | Xavier Mertens | Infected With a .reg File |
| 2021-05-02 | Didier Stevens | PuTTY And FileZilla Use The Same Fingerprint Registry Keys |
| 2020-03-27 | Xavier Mertens | Malicious JavaScript Dropping Payload in the Registry |
| 2018-01-12 | Bojan Zdrnja | Those pesky registry keys required by critical security patches |
| 2017-12-13 | Xavier Mertens | Tracking Newly Registered Domains |
| 2017-11-15 | Xavier Mertens | If you want something done right, do it yourself! |
| 2017-09-18 | Xavier Mertens | Getting some intelligence from malspam |
| 2017-06-17 | Guy Bruneau | Mapping Use Cases to Logs. Which Logs are the Most Important to Collect? |
| 2017-03-19 | Xavier Mertens | Searching for Base64-encoded PE Files |
| 2016-05-22 | Pasquale Stirparo | The strange case of WinZip MRU Registry key |
| 2014-11-04 | Daniel Wesemann | Whois someone else? |
| 2014-02-09 | Basil Alawi S.Taher | Mandiant Highlighter 2 |
| 2013-07-21 | Guy Bruneau | Why use Regular Expressions? |
| 2013-07-10 | Johannes Ullrich | .NL Registrar Compromisse |
| 2012-05-06 | Jim Clausing | Tool updates and Win 8 |
| 2011-01-24 | Rob VandenBrink | Where have all the COM Ports Gone? - How enumerating COM ports led to me finding a “misplaced” Microsoft tool |
| 2011-01-12 | Richard Porter | Yet Another Data Broker? AOL Lifestream. |
| 2009-03-01 | Jim Clausing | Cool combination of tools |
| 2008-08-15 | Jim Clausing | OMFW 2008 reflections |
