techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome

#dfir

42 posts, 28 participants, 3 posts today

RDP Snitch
2025-07-31 RDP #Honeypot IOCs - 975 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs: 104.248.13.245 - 576; 113.161.168.2 - 105; 49.13.49.205 - 78
Top ASNs: AS14061 - 594; AS45899 - 105; AS24940 - 78
Top Accounts: hello - 837; Administr - 36; Test - 24
Top ISPs: DigitalOcean, LLC - 594; VietNam Post and Telecom Corporation - 105; Hetzner Online GmbH - 78
Top Clients: Unknown - 975
Top Software: Unknown - 975
Top Keyboards: Unknown - 975
Top IP Classification: hosting - 747; Unknown - 219; proxy - 6
Pastebin links with full 24-hr RDP Honeypot IOC Lists: Bad API request, invalid api_dev_key
#CyberSec #SOC #Blueteam #SecOps #Security

RDP Snitch
2025-07-31 RDP #Honeypot IOCs - 974 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs: 104.248.13.245 - 575; 113.161.168.2 - 105; 49.13.49.205 - 78
Top ASNs: AS14061 - 593; AS45899 - 105; AS24940 - 78
Top Accounts: hello - 836; Administr - 36; Test - 24
Top ISPs: DigitalOcean, LLC - 593; VietNam Post and Telecom Corporation - 105; Hetzner Online GmbH - 78
Top Clients: Unknown - 974
Top Software: Unknown - 974
Top Keyboards: Unknown - 974
Top IP Classification: hosting - 746; Unknown - 219; proxy - 6
Pastebin links with full 24-hr RDP Honeypot IOC Lists: Bad API request, invalid api_dev_key
#CyberSec #SOC #Blueteam #SecOps #Security

RDP Snitch
2025-07-31 RDP #Honeypot IOCs - 973 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs: 104.248.13.245 - 574; 113.161.168.2 - 105; 49.13.49.205 - 78
Top ASNs: AS14061 - 592; AS45899 - 105; AS24940 - 78
Top Accounts: hello - 835; Administr - 36; Test - 24
Top ISPs: DigitalOcean, LLC - 592; VietNam Post and Telecom Corporation - 105; Hetzner Online GmbH - 78
Top Clients: Unknown - 973
Top Software: Unknown - 973
Top Keyboards: Unknown - 973
Top IP Classification: hosting - 745; Unknown - 219; proxy - 6
Pastebin links with full 24-hr RDP Honeypot IOC Lists: Bad API request, invalid api_dev_key
#CyberSec #SOC #Blueteam #SecOps #Security

infosystir
If you happen to be a professor or student in DFIR/Computer Forensics, check out a great lot of items in our charity auction! If you've ever wanted to perform forensics on a PDA, this is your chance!
https://ebay.com/usr/hackershealth
#forensics #vintagecomputing #dfir #defcon33 #blackhat2025 #bsideslv

Kevin Pagano - Stark 4N6 :verified:
#Stark4N6: Forensics StartMe Updates (8/1/2025) #DFIR https://www.stark4n6.com/2025/08/forensics-startme-updates-812025.html

Alexis Brignoni :python: :donor:
🌋 The LEAPPs Artifact Viewer App (LAVA) is right around the corner.
🌋 Learn how to build artifacts for the LEAPPs that will work with LAVA.
🌋 Watch the video tutorial here: https://www.youtube.com/live/qTgZUh4GPxk
#DigitalForensics #LAVA #MobileForensics #DFIR #Python #Coding

empressbat
#AWSNsummit2025 - #security - excellent presentation from Lesley Carhart (aka hacks4pancakes) on incident response #DFIR
This is the type of content that is really worth attending for cyber security practitioners - even if we work in this all the time and know this stuff backwards it helps to validate what we know and keep us focused on the important things.

Alonso Caballero / ReYDeS🐝
We are starting the second session of the OWASP TOP 10 Course. Information: https://www.reydes.com/e/Curso_OWASP_TOP_10 #cybersecurity #hacking #redteam #forensics #dfir #osint

RDP Snitch
2025-07-31 RDP #Honeypot IOCs - 972 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs: 104.248.13.245 - 573; 113.161.168.2 - 105; 49.13.49.205 - 78
Top ASNs: AS14061 - 591; AS45899 - 105; AS24940 - 78
Top Accounts: hello - 834; Administr - 36; Test - 24
Top ISPs: DigitalOcean, LLC - 591; VietNam Post and Telecom Corporation - 105; Hetzner Online GmbH - 78
Top Clients: Unknown - 972
Top Software: Unknown - 972
Top Keyboards: Unknown - 972
Top IP Classification: hosting - 744; Unknown - 219; proxy - 6
Pastebin links with full 24-hr RDP Honeypot IOC Lists: Bad API request, invalid api_dev_key
#CyberSec #SOC #Blueteam #SecOps #Security

RDP Snitch
2025-07-31 RDP #Honeypot IOCs - 648 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs: 104.248.13.245 - 382; 113.161.168.2 - 70; 49.13.49.205 - 52
Top ASNs: AS14061 - 394; AS45899 - 70; AS24940 - 52
Top Accounts: hello - 556; Administr - 24; Test - 16
Top ISPs: DigitalOcean, LLC - 394; VietNam Post and Telecom Corporation - 70; Hetzner Online GmbH - 52
Top Clients: Unknown - 648
Top Software: Unknown - 648
Top Keyboards: Unknown - 648
Top IP Classification: hosting - 496; Unknown - 146; proxy - 4
Pastebin links with full 24-hr RDP Honeypot IOC Lists: Bad API request, invalid api_dev_key
#CyberSec #SOC #Blueteam #SecOps #Security

RDP Snitch
2025-07-31 RDP #Honeypot IOCs - 324 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs: 104.248.13.245 - 191; 113.161.168.2 - 35; 49.13.49.205 - 26
Top ASNs: AS14061 - 197; AS45899 - 35; AS24940 - 26
Top Accounts: hello - 278; Administr - 12; Test - 8
Top ISPs: DigitalOcean, LLC - 197; VietNam Post and Telecom Corporation - 35; Hetzner Online GmbH - 26
Top Clients: Unknown - 324
Top Software: Unknown - 324
Top Keyboards: Unknown - 324
Top IP Classification: hosting - 248; Unknown - 73; proxy - 2
Pastebin links with full 24-hr RDP Honeypot IOC Lists: Bad API request, invalid api_dev_key
#CyberSec #SOC #Blueteam #SecOps #Security

Pen Test Partners
Deleted a folder? Shellbags is the accessory you need...
They’re one of the most valuable forensic artifacts for tracing user activity in Windows, even if the folders are gone.
This blog post by our Joseph Williams walks through how Shellbags work, how to analyse them with tools like ShellBags Explorer, and what they reveal about user navigation through local, external, and network locations.
If you're in DFIR, this is one artifact you don't want to miss.
📌 Read the blog: https://www.pentestpartners.com/security-blog/dfir-tools-and-techniques-for-tracing-user-footprints-through-shellbags/
#DFIR #DigitalForensics #WindowsForensics #IncidentResponse #Shellbags #CyberSecurity #ForensicAnalysis

RDP Snitch
2025-07-30 RDP #Honeypot IOCs - 348 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs: 113.161.168.2 - 153; 203.55.131.3 - 30; 80.64.19.50 - 24
Top ASNs: AS45899 - 153; AS396982 - 36; AS50219 - 30
Top Accounts: hello - 177; Administr - 33; Test - 18
Top ISPs: VietNam Post and Telecom Corporation - 153; Google LLC - 36; LNK SYSTEMS MUNTENIA SRL - 30
Top Clients: Unknown - 348
Top Software: Unknown - 348
Top Keyboards: Unknown - 348
Top IP Classification: Unknown - 270; hosting - 75; hosting & proxy - 3
Pastebin links with full 24-hr RDP Honeypot IOC Lists: Bad API request, invalid api_dev_key
#CyberSec #SOC #Blueteam #SecOps #Security

RDP Snitch
2025-07-30 RDP #Honeypot IOCs - 232 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs: 113.161.168.2 - 102; 203.55.131.3 - 20; 80.64.19.50 - 16
Top ASNs: AS45899 - 102; AS396982 - 24; AS50219 - 20
Top Accounts: hello - 118; Administr - 22; Test - 12
Top ISPs: VietNam Post and Telecom Corporation - 102; Google LLC - 24; LNK SYSTEMS MUNTENIA SRL - 20
Top Clients: Unknown - 232
Top Software: Unknown - 232
Top Keyboards: Unknown - 232
Top IP Classification: Unknown - 180; hosting - 50; hosting & proxy - 2
Pastebin links with full 24-hr RDP Honeypot IOC Lists: Bad API request, invalid api_dev_key
#CyberSec #SOC #Blueteam #SecOps #Security

RDP Snitch
2025-07-30 RDP #Honeypot IOCs - 116 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs: 113.161.168.2 - 51; 203.55.131.3 - 10; 80.64.19.50 - 8
Top ASNs: AS45899 - 51; AS396982 - 12; AS50219 - 10
Top Accounts: hello - 59; Administr - 11; Test - 6
Top ISPs: VietNam Post and Telecom Corporation - 51; Google LLC - 12; LNK SYSTEMS MUNTENIA SRL - 10
Top Clients: Unknown - 116
Top Software: Unknown - 116
Top Keyboards: Unknown - 116
Top IP Classification: Unknown - 90; hosting - 25; hosting & proxy - 1
Pastebin links with full 24-hr RDP Honeypot IOC Lists: Bad API request, invalid api_dev_key
#CyberSec #SOC #Blueteam #SecOps #Security

G0rb
I have been doing #DFIR for 4 years now. I started in #cybersec nearly 10 years ago. My #opencti has over 60k reports and dozens of unpublished APT-Samples:
And I still have no fcking clue what #bsdnfs is and why the #NSA fears it. :arthurfist:

⚯ Michel de Cryptadamus ⚯
Just released version 1.16.8 of The Pdfalyzer with a bunch of new and updated #YARA rules to scan #PDF files for malicious content. Links in the quoted toot below.
https://universeodon.com/@cryptadamist/114768170683991686
#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #hacking #homebrew #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdf #pdfs #pdfalyzer #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules

⚯ Michel de Cryptadamus ⚯
Just released version 1.0.1 of The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data. Fixes a small bug when trying to choose a byte offset to force a UTF-16 or UTF-32 decoding of matched bytes.
Someone set up Yaralyzer as a #Kali package; not sure if that's made it into a release yet but if not the links are below.
https://universeodon.com/@cryptadamist/113642071681749608
#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules


RDP Snitch

2025-07-29 RDP #Honeypot IOCs - 333 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
113.161.168.2 - 147
80.94.95.198 - 33
80.64.19.50 - 21

Top ASNs:
AS45899 - 147
AS396982 - 36
AS204428 - 33

Top Accounts:
hello - 180
Test - 42
142.93.8.59 - 33

Top ISPs:
VietNam Post and Telecom Corporation - 147
Google LLC - 36
SS-Net - 33

Top Clients:
Unknown - 333

Top Software:
Unknown - 333

Top Keyboards:
Unknown - 333

Top IP Classification:
Unknown - 276
hosting - 54
mobile & hosting - 3

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security

RDP Snitch

2025-07-29 RDP #Honeypot IOCs - 222 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec

Top IPs:
113.161.168.2 - 98
80.94.95.198 - 22
80.64.19.50 - 14

Top ASNs:
AS45899 - 98
AS396982 - 24
AS204428 - 22

Top Accounts:
hello - 120
Test - 28
142.93.8.59 - 22

Top ISPs:
VietNam Post and Telecom Corporation - 98
Google LLC - 24
SS-Net - 22

Top Clients:
Unknown - 222

Top Software:
Unknown - 222

Top Keyboards:
Unknown - 222

Top IP Classification:
Unknown - 184
hosting - 36
mobile & hosting - 2

Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key

#CyberSec #SOC #Blueteam #SecOps #Security