Command Line Compromise Detection for Linux Cheat Sheet

Below is our command line compromise detection for Linux cheat sheet and presentation given at Purplecon 2018: Linux Compromise Detection Command Cheat Sheet Linux Compromise Detection Presentation Linux Compromise Detection Video The presentation and cheat …

READ MORECommand Line Compromise Detection for Linux Cheat Sheet

Sandfly 1.1.14 – Linux File Masquerading, Encrypted Malware Detection, and More

The latest Sandfly release has new features for file classification and file entropy scanning. We can now spot files that are trying to masquerade as something they aren’t, and spot files that may be packed …

READ MORESandfly 1.1.14 – Linux File Masquerading, Encrypted Malware Detection, and More

Detect Linux Loadable Kernel Module Stealth Rootkits Agentlessly with Sandfly

Watch Sandfly’s agentless intrusion detection and threat hunting technology detect a Linux stealth rootkit. Sandfly automates the investigation and alerting of Linux rootkit compromises so you can respond quickly to threats. Hunt for rootkits. Don’t …

READ MOREDetect Linux Loadable Kernel Module Stealth Rootkits Agentlessly with Sandfly

Linux Command Line Forensics Presentation at Christchurch Hacker Con 2017

Craig Rowland presented last October at the Christchurch HackCon on the topic of using basic command line tools for Linux forensic investigation. His talk focused around using built-in command line tools and careful observation to …

READ MORELinux Command Line Forensics Presentation at Christchurch Hacker Con 2017