USER AGENT STRING |
| 2018-01-01 | Didier Stevens | What is new? |
| 2014-04-05 | Jim Clausing | Those strange e-mails with URLs in them can lead to Android malware |
| 2013-01-15 | Rob VandenBrink | When Disabling IE6 (or Java, or whatever) is not an Option... |
USER |
| 2025-04-06/a> | Johannes Ullrich | New SSH Username Report |
| 2024-10-16/a> | Johannes Ullrich | The Top 10 Not So Common SSH Usernames and Passwords |
| 2024-02-28/a> | Johannes Ullrich | Exploit Attempts for Unknown Password Reset Vulnerability |
| 2024-01-24/a> | Johannes Ullrich | How Bad User Interfaces Make Security Tools Harmful |
| 2024-01-08/a> | Jesse La Grew | What is that User Agent? |
| 2023-09-05/a> | Jesse La Grew | Common usernames submitted to honeypots |
| 2021-09-24/a> | Xavier Mertens | Keep an Eye on Your Users Mobile Devices (Simple Inventory) |
| 2021-04-24/a> | Guy Bruneau | Base64 Hashes Used in Web Scanning |
| 2021-03-02/a> | Russ McRee | Adversary Simulation with Sim |
| 2019-07-25/a> | Rob VandenBrink | When Users Attack! Users (and Admins) Thwarting Security Controls |
| 2019-07-05/a> | Didier Stevens | A "Stream O" Maldoc |
| 2019-07-01/a> | Didier Stevens | Maldoc: Payloads in User Forms |
| 2018-05-27/a> | Guy Bruneau | Capture and Analysis of User Agents |
| 2018-01-01/a> | Didier Stevens | What is new? |
| 2014-04-05/a> | Jim Clausing | Those strange e-mails with URLs in them can lead to Android malware |
| 2013-01-15/a> | Rob VandenBrink | When Disabling IE6 (or Java, or whatever) is not an Option... |
| 2012-07-14/a> | Tony Carothers | User Awareness and Education |
| 2012-04-05/a> | Johannes Ullrich | Evil hides everywhere: Web Application Exploits in Headers |
| 2011-08-26/a> | Daniel Wesemann | User Agent 007 |
| 2010-10-19/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - Remote User VPN Tunnels - to Split or not to Split? |
| 2010-10-19/a> | Rob VandenBrink | Cyber Security Awareness Month - Day 19 - Remote User VPN Access – Are things getting too easy, or too hard? |
| 2009-05-28/a> | Jim Clausing | More new volatility plugins |
| 2008-09-18/a> | Bojan Zdrnja | Monitoring HTTP User-Agent fields |
AGENT |
| 2024-04-17/a> | Xavier Mertens | Malicious PDF File Used As Delivery Mechanism |
| 2024-02-03/a> | Guy Bruneau | DShield Sensor Log Collection with Elasticsearch |
| 2024-01-08/a> | Jesse La Grew | What is that User Agent? |
| 2023-08-23/a> | Xavier Mertens | More Exotic Excel Files Dropping AgentTesla |
| 2023-07-01/a> | Russ McRee | Sandfly Security |
| 2021-12-31/a> | Jan Kopriva | Do you want your Agent Tesla in the 300 MB or 8 kB package? |
| 2021-12-30/a> | Brad Duncan | Agent Tesla Updates SMTP Data Exfiltration Technique |
| 2021-12-20/a> | Jan Kopriva | PowerPoint attachments, Agent Tesla and code reuse in malware |
| 2021-11-18/a> | Xavier Mertens | JavaScript Downloader Delivers Agent Tesla Trojan |
| 2021-09-24/a> | Xavier Mertens | Keep an Eye on Your Users Mobile Devices (Simple Inventory) |
| 2021-06-30/a> | Brad Duncan | June 2021 Forensic Contest: Answers and Analysis |
| 2021-02-12/a> | Xavier Mertens | AgentTesla Dropped Through Automatic Click in Microsoft Help File |
| 2021-02-11/a> | Jan Kopriva | Agent Tesla hidden in a historical anti-malware tool |
| 2020-10-21/a> | Daniel Wesemann | Shipping dangerous goods |
| 2020-05-23/a> | Xavier Mertens | AgentTesla Delivered via a Malicious PowerPoint Add-In |
| 2020-04-28/a> | Jan Kopriva | Agent Tesla delivered by the same phishing campaign for over a year |
| 2020-03-11/a> | Xavier Mertens | Agent Tesla Delivered via Fake Canon EOS Notification on Free OwnCloud Account |
| 2019-11-27/a> | Brad Duncan | Finding an Agent Tesla malware sample |
| 2019-09-19/a> | Xavier Mertens | Agent Tesla Trojan Abusing Corporate Email Accounts |
| 2018-12-19/a> | Xavier Mertens | Using OSSEC Active-Response as a DFIR Framework |
| 2018-08-02/a> | Brad Duncan | DHL-themed malspam reveals embedded malware in animated gif |
| 2018-05-27/a> | Guy Bruneau | Capture and Analysis of User Agents |
| 2018-01-01/a> | Didier Stevens | What is new? |
| 2014-04-05/a> | Jim Clausing | Those strange e-mails with URLs in them can lead to Android malware |
| 2013-01-15/a> | Rob VandenBrink | When Disabling IE6 (or Java, or whatever) is not an Option... |
| 2012-06-25/a> | Guy Bruneau | Issues with Windows Update Agent |
| 2012-04-05/a> | Johannes Ullrich | Evil hides everywhere: Web Application Exploits in Headers |
| 2011-08-26/a> | Daniel Wesemann | User Agent 007 |
| 2011-07-13/a> | Guy Bruneau | New Sguil HTTPRY Agent |
| 2010-02-17/a> | Rob VandenBrink | Cisco Security Agent Security Updates: cisco-sa-20100217-csa |
| 2008-09-18/a> | Bojan Zdrnja | Monitoring HTTP User-Agent fields |
STRING |
| 2024-01-02/a> | Johannes Ullrich | Fingerprinting SSH Identification Strings |
| 2023-08-17/a> | Jesse La Grew | Command Line Parsing - Are These Really Unique Strings? |
| 2022-06-23/a> | Xavier Mertens | FLOSS 2.0 Has Been Released |
| 2022-04-10/a> | Didier Stevens | Video: Method For String Extraction Filtering |
| 2022-04-09/a> | Didier Stevens | Method For String Extraction Filtering |
| 2021-11-25/a> | Didier Stevens | YARA's Private Strings |
| 2021-09-25/a> | Didier Stevens | Strings Analysis: VBA & Excel4 Maldoc |
| 2021-09-25/a> | Didier Stevens | Video: Strings Analysis: VBA & Excel4 Maldoc |
| 2021-07-03/a> | Didier Stevens | Finding Strings With oledump.py |
| 2021-06-28/a> | Didier Stevens | CFBF Files Strings Analysis |
| 2021-01-10/a> | Didier Stevens | Maldoc Analysis With CyberChef |
| 2021-01-09/a> | Didier Stevens | Maldoc Strings Analysis |
| 2021-01-01/a> | Didier Stevens | Strings 2021 |
| 2020-10-25/a> | Didier Stevens | Video: Pascal Strings |
| 2020-06-01/a> | Jim Clausing | Stackstrings, type 2 |
| 2020-05-22/a> | Didier Stevens | Some Strings to Remember |
| 2020-05-21/a> | Xavier Mertens | Malware Triage with FLOSS: API Calls Based Behavior |
| 2020-04-27/a> | Xavier Mertens | Powershell Payload Stored in a PSCredential Object |
| 2018-12-09/a> | Didier Stevens | Quickie: String Analysis is Still Useful |
| 2018-01-01/a> | Didier Stevens | What is new? |
| 2014-04-05/a> | Jim Clausing | Those strange e-mails with URLs in them can lead to Android malware |
| 2013-06-21/a> | Guy Bruneau | Sysinternals Updates for Autoruns, Strings & ZoomIt http://blogs.technet.com/b/sysinternals/archive/2013/06/20/updates-autoruns-v11-61-strings-v2-52-zoomit-v4-5.aspx |
| 2013-05-20/a> | Guy Bruneau | Sysinternals Updates for Accesschk, Procdump, RAMMap and Strings http://blogs.technet.com/b/sysinternals/archive/2013/05/17/updates-accesschk-v5-11-procdump-v6-0-rammap-v1-22-strings-v2-51.aspx |
| 2013-01-15/a> | Rob VandenBrink | When Disabling IE6 (or Java, or whatever) is not an Option... |
| 2007-01-03/a> | Toby Kohlenberg | VLC Media Player udp URL handler Format String Vulnerability |
