Sandfly 2.3 – Performance Updates, Elasticsearch 7 Support and More

Basic Linux Malware Process Forensics for Incident Responders

Sandfly 2.2 – Enhanced Web Shell Detection, Linux Anti-Forensics and More

Sandfly 2.1 Released

Using Linux utmpdump for Forensics and Detecting Log File Tampering

Getting an Attacker IP Address from a Malicious Linux At Job

Sandfly 2.0 Released – Write Your Own Sandflies

Detecting and De-Cloaking HiddenWasp Linux Stealth Malware

How To Recover A Deleted Binary From Active Linux Malware

Using Linux Process Environment Variables for Live Forensics

The Advantages of Agentless Security and Intrusion Detection for Linux

Using Command Line Tools to Find Process Masquerading Linux Malware

Why You Must Monitor Linux for Signs of Intruders

Hunting for Linux Intrusion Tactics is Better than Searching for Exploit Signatures

Ninjas on Rooftops – A Better Approach to Linux Threat Hunting