Sandfly 1.5.0 Released – Enhanced Linux Process Forensics, Rootkit and Network Sniffer Hunting

Sandfly 1.5.0 has been released with many new detection methods for Linux rootkits, malware and suspicious activity. The latest update expands on our already thorough intrusion detection and threat hunting net for Linux. This version …

Agentless Incident Response Sandflies and More Stealth Rootkit De-Cloaking: Sandfly 1.4.2 Released

Sandfly 1.4.2 Update: Sandfly 1.4.2 is now released. This version brings back the old “Recon” sandflies as “Incident” sandflies for use in Incident Response (IR) or for those wanting to do spot checks on hosts for …

Sandfly 1.1.14 – Linux File Masquerading, Encrypted Malware Detection, and More

The latest Sandfly release has new features for file classification and file entropy scanning. We can now spot files that are trying to masquerade as something they aren’t, and spot files that may be packed …
