Sandfly Update

Linux File Masquerading and Malicious PIDs – Sandfly 1.2.6 Update

July 05, 2018

Linux Forensics, Sandfly, Sandfly Update

Sandfly 1.2.6 Released. This version of Sandfly has many internal performance improvements. Some sandfly checks have been sped up over 5…

Detecting Linux Binary File Poisoning

June 14, 2018

Binary Poisoning, Computer Forensics, Linux Forensics, Masquerading, Sandfly, Sandfly Update

Let’s talk about Linux binary poisoning. Binary poisoning is tampering with a system command and replacing it with a malicious version. This…

Sandfly 2.3.3 – More Linux Sniffer and Immutable File Detection

November 21, 2010

Sandfly, Sandfly Update, Update

Sandfly 2.3.3 has been released. We’ve put in more methods to help spot packet sniffers and suspicious immutable files common with malware…