#dfir — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #dfir, aggregated by home.social.
-
Want to chat with other LEAPPs & LAVA users? Interact with the developers and maintainers? If so get into our LEAPPs Discord server! Check out the invite link at https://www.leapps.org/resources
-
🚀 OhMyPCAP 4.0.0 is HERE!
The ultimate FOSS PCAP analyzer just got a massive upgrade for deeper file intelligence.
New in v4.0:
• Upgraded to YARA Forge Full ruleset — more comprehensive malware & threat detection
• Exiftool + rich file metadata analysis — get more file information even if there are no YARA matches
All the power you love is still here:
Suricata alerts, file alerts, Sankey diagrams, full-text search, ASCII transcripts, hexdumps, stream carving + single Docker/Podman container (perfect for air-gapped or quick spins).
Ideal for malware analysis, incident response, threat hunting, forensics & teaching.
Who’s pulling this version right now? Drop a ❤️+ reply with your main use case (malware samples? CTFs? real-world incidents? teaching?)
#PCAP #DFIR #Cybersecurity #Infosec #BlueTeam #ThreatHunting #Suricata #YARA #MalwareAnalysis
-
INTRODUCING DIGITAL EVIDENCE CAN'T BE THE EXCEPTION!!!
How many cases will end up in basic pleas because important evidence was missed?
How can meaning be discerned when the process used to get there is hidden behind this black box technology?
It is a salient fact that LLMs aren't optional now. They're already embedded in too many systems, workflows, and products to avoid. The question is under what conditions and with what controls.
-
2026-05-25 RDP #Honeypot IOCs - 150 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
80.94.95.221 - 60
193.169.194.14 - 36
147.185.132.73 - 9
Top ASNs:
AS204428 - 60
AS214576 - 36
AS396982 - 36
Top Accounts:
Administr - 66
(empty) - 45
JveXvwTow - 3
Top ISPs:
SS-Net - 60
Berdiev Ruslan Mukhabatovich - 36
Google LLC - 36
Top Clients:
Unknown - 150
Top Software:
Unknown - 150
Top Keyboards:
Unknown - 150
Top IP Classification:
Unknown - 111
hosting - 39
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
-
2026-05-25 RDP #Honeypot IOCs - 100 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
80.94.95.221 - 40
193.169.194.14 - 24
147.185.132.73 - 6
Top ASNs:
AS204428 - 40
AS214576 - 24
AS396982 - 24
Top Accounts:
Administr - 44
(empty) - 30
JveXvwTow - 2
Top ISPs:
SS-Net - 40
Berdiev Ruslan Mukhabatovich - 24
Google LLC - 24
Top Clients:
Unknown - 100
Top Software:
Unknown - 100
Top Keyboards:
Unknown - 100
Top IP Classification:
Unknown - 74
hosting - 26
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
-
2026-05-25 RDP #Honeypot IOCs - 50 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
80.94.95.221 - 20
193.169.194.14 - 12
147.185.132.73 - 3
Top ASNs:
AS204428 - 20
AS214576 - 12
AS396982 - 12
Top Accounts:
Administr - 22
(empty) - 15
JveXvwTow - 1
Top ISPs:
SS-Net - 20
Berdiev Ruslan Mukhabatovich - 12
Google LLC - 12
Top Clients:
Unknown - 50
Top Software:
Unknown - 50
Top Keyboards:
Unknown - 50
Top IP Classification:
Unknown - 37
hosting - 13
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
-
Register for Belkasoft’s free on-demand SQLite training course to build practical DFIR database analysis skills, validate tool extractions, and earn 6 CPE credits. https://www.forensicfocus.com/news/advanced-sqlite-queries-free-on-demand-course-from-belkasoft/ #Belkasoft #DigitalForensics #DFIR
-
Want to make #LEAPP artifacts that take advantage of the conversation view functionality? Easy! Watch this short video and learn how: https://youtu.be/yuNK8aznh6U
Currently conversation view only supported on iLEAPP but coming to the rest of the LEAPPs shortly.
-
2026-05-24 RDP #Honeypot IOCs - 183 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
80.94.95.221 - 45
193.169.194.14 - 39
71.6.134.235 - 30
Top ASNs:
AS204428 - 45
AS214576 - 39
AS396982 - 36
Top Accounts:
Administr - 45
(empty) - 39
hello - 18
Top ISPs:
SS-Net - 45
Berdiev Ruslan Mukhabatovich - 39
Google LLC - 36
Top Clients:
Unknown - 183
Top Software:
Unknown - 183
Top Keyboards:
Unknown - 183
Top IP Classification:
Unknown - 102
hosting - 51
hosting & proxy - 30
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
-
2026-05-24 RDP #Honeypot IOCs - 122 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
80.94.95.221 - 30
193.169.194.14 - 26
71.6.134.235 - 20
Top ASNs:
AS204428 - 30
AS214576 - 26
AS396982 - 24
Top Accounts:
Administr - 30
(empty) - 26
hello - 12
Top ISPs:
SS-Net - 30
Berdiev Ruslan Mukhabatovich - 26
Google LLC - 24
Top Clients:
Unknown - 122
Top Software:
Unknown - 122
Top Keyboards:
Unknown - 122
Top IP Classification:
Unknown - 68
hosting - 34
hosting & proxy - 20
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
-
2026-05-24 RDP #Honeypot IOCs - 61 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
80.94.95.221 - 15
193.169.194.14 - 13
71.6.134.235 - 10
Top ASNs:
AS204428 - 15
AS214576 - 13
AS396982 - 12
Top Accounts:
Administr - 15
(empty) - 13
hello - 6
Top ISPs:
SS-Net - 15
Berdiev Ruslan Mukhabatovich - 13
Google LLC - 12
Top Clients:
Unknown - 61
Top Software:
Unknown - 61
Top Keyboards:
Unknown - 61
Top IP Classification:
Unknown - 34
hosting - 17
hosting & proxy - 10
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
-
2026-05-23 RDP #Honeypot IOCs - 174 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
193.169.194.14 - 48
162.216.149.150 - 12
45.142.193.145 - 12
Top ASNs:
AS214576 - 48
AS396982 - 48
AS63949 - 15
Top Accounts:
(empty) - 51
hello - 27
Test - 18
Top ISPs:
Berdiev Ruslan Mukhabatovich - 48
Google LLC - 48
Akamai Technologies, Inc. - 15
Top Clients:
Unknown - 174
Top Software:
Unknown - 174
Top Keyboards:
Unknown - 174
Top IP Classification:
Unknown - 99
hosting - 69
hosting & proxy - 6
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
-
2026-05-23 RDP #Honeypot IOCs - 116 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
193.169.194.14 - 32
162.216.149.150 - 8
45.142.193.145 - 8
Top ASNs:
AS214576 - 32
AS396982 - 32
AS63949 - 10
Top Accounts:
(empty) - 34
hello - 18
Test - 12
Top ISPs:
Berdiev Ruslan Mukhabatovich - 32
Google LLC - 32
Akamai Technologies, Inc. - 10
Top Clients:
Unknown - 116
Top Software:
Unknown - 116
Top Keyboards:
Unknown - 116
Top IP Classification:
Unknown - 66
hosting - 46
hosting & proxy - 4
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
-
2026-05-23 RDP #Honeypot IOCs - 58 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
193.169.194.14 - 16
162.216.149.150 - 4
45.142.193.145 - 4
Top ASNs:
AS214576 - 16
AS396982 - 16
AS63949 - 5
Top Accounts:
(empty) - 17
hello - 9
Test - 6
Top ISPs:
Berdiev Ruslan Mukhabatovich - 16
Google LLC - 16
Akamai Technologies, Inc. - 5
Top Clients:
Unknown - 58
Top Software:
Unknown - 58
Top Keyboards:
Unknown - 58
Top IP Classification:
Unknown - 33
hosting - 23
hosting & proxy - 2
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
-
Looking for early reviewers on chapters 2 + 3 of my BSc thesis (Pterodo network architecture + WinRAR exploit chain).
Project notes live at github.com/palianytsia-200/U-OB-KY. Draft PDFs available — DM here on Mastodon or email [email protected]. Happy to trade reviews (your DFIR / detection-engineering writeup for mine).
Especially looking for anyone with hands-on Gamaredon incident-response experience. The thesis is methodology-heavy but I want feedback from people who've actually had to triage this stuff in a real SOC.
-
2026-05-22 RDP #Honeypot IOCs - 567 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
46.63.101.233 - 420
193.169.194.14 - 66
147.185.132.30 - 9
Top ASNs:
AS51784 - 420
AS214576 - 66
AS396982 - 36
Top Accounts:
hello - 435
(empty) - 75
Test - 6
Top ISPs:
X-city Customers and Private - 420
Berdiev Ruslan Mukhabatovich - 66
Google LLC - 36
Top Clients:
Unknown - 567
Top Software:
Unknown - 567
Top Keyboards:
Unknown - 567
Top IP Classification:
Unknown - 501
hosting - 57
hosting & proxy - 9
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
-
2026-05-22 RDP #Honeypot IOCs - 378 scans
Thread with top 3 features in each category and links to the full dataset
#DFIR #InfoSec
Top IPs:
46.63.101.233 - 280
193.169.194.14 - 44
147.185.132.30 - 6
Top ASNs:
AS51784 - 280
AS214576 - 44
AS396982 - 24
Top Accounts:
hello - 290
(empty) - 50
Test - 4
Top ISPs:
X-city Customers and Private - 280
Berdiev Ruslan Mukhabatovich - 44
Google LLC - 24
Top Clients:
Unknown - 378
Top Software:
Unknown - 378
Top Keyboards:
Unknown - 378
Top IP Classification:
Unknown - 334
hosting - 38
hosting & proxy - 6
Pastebin links with full 24-hr RDP Honeypot IOC Lists:
Bad API request, invalid api_dev_key
-