Sandfly 2.6.0 – Elasticsearch Replication, Linux Docker Container Security Scanning, Hidden Process De-Cloaking and More

Detecting Linux Kernel Process Masquerading with Command Line Forensics

Sandfly 2.5.2 – Scheduling Priority, Detecting Command Line Web Servers, Port Scanners and Kernel Thread Masquerading

Sandfly 2.5.0 – Higher Performance, SSH Key Certificates and More Linux Forensics

Sandfly 2.4.0 – Splunk Support, Reconnaissance, Process Injection Detection and Containers

How To Decloak Stealth Linux Cryptocurrency Mining Malware

Sandfly Filescan Open Source File Entropy Scanner for Linux

Sandfly 2.3.2 – Linux Packet Sniffer Detection and Faster Process Forensics

Sandfly 2.3 – Performance Updates, Elasticsearch 7 Support and More

Basic Linux Malware Process Forensics for Incident Responders

Sandfly 2.2 – Enhanced Web Shell Detection, Linux Anti-Forensics and More

Sandfly 2.1 Released

Using Linux utmpdump for Forensics and Detecting Log File Tampering

Getting an Attacker IP Address from a Malicious Linux At Job

Sandfly 2.0 Released – Write Your Own Sandflies