home.social

#dfir — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #dfir, aggregated by home.social.

  1. Want to chat with other LEAPPs & LAVA users? Interact with the developers and maintainers? If so, get into our LEAPPs Discord server! Check out the invite link at leapps.org/resources

    #DigitalForensics #Discord #LEAPPs #MobileForensics #DFIR

  2. 🚀 OhMyPCAP 4.0.0 is HERE!

    The ultimate FOSS PCAP analyzer just got a massive upgrade for deeper file intelligence.

    New in v4.0:
    • Upgraded to YARA Forge Full ruleset — more comprehensive malware & threat detection
    • Exiftool + rich file metadata analysis — get more file information even if there are no YARA matches

    All the power you love is still here:
    Suricata alerts, file alerts, Sankey diagrams, full-text search, ASCII transcripts, hexdumps, stream carving + single Docker/Podman container (perfect for air-gapped or quick spins).

    Ideal for malware analysis, incident response, threat hunting, forensics & teaching.

    Who’s pulling this version right now? Drop a ❤️+ reply with your main use case (malware samples? CTFs? real-world incidents? teaching?)

    #PCAP #DFIR #Cybersecurity #Infosec #BlueTeam #ThreatHunting #Suricata #YARA #MalwareAnalysis

    @chrissanders88 @lennyzeltser

  5. INTRODUCING DIGITAL EVIDENCE CAN'T BE THE EXCEPTION!!!

    How many cases will end up in basic pleas because important evidence was missed?
    How can meaning be discerned when the process used to get there is hidden behind this black box technology?

    It is a salient fact that LLMs aren't optional now. They're already embedded in too many systems, workflows, and products to avoid. The question is under what conditions and with what controls.

    #DFIR #LLM #AI #DigitalForensics #MobileForensics

  6. 2026-05-25 RDP #Honeypot IOCs - 150 scans
    Thread with top 3 features in each category and links to the full dataset
    #DFIR #InfoSec

    Top IPs:
    80.94.95.221 - 60
    193.169.194.14 - 36
    147.185.132.73 - 9

    Top ASNs:
    AS204428 - 60
    AS214576 - 36
    AS396982 - 36

    Top Accounts:
    Administr - 66
    (empty) - 45
    JveXvwTow - 3

    Top ISPs:
    SS-Net - 60
    Berdiev Ruslan Mukhabatovich - 36
    Google LLC - 36

    Top Clients:
    Unknown - 150

    Top Software:
    Unknown - 150

    Top Keyboards:
    Unknown - 150

    Top IP Classification:
    Unknown - 111
    hosting - 39

    Pastebin links with full 24-hr RDP Honeypot IOC Lists:
    Bad API request, invalid api_dev_key

    #CyberSec #SOC #Blueteam #SecOps #Security

  10. 2026-05-25 RDP #Honeypot IOCs - 100 scans
    Thread with top 3 features in each category and links to the full dataset
    #DFIR #InfoSec

    Top IPs:
    80.94.95.221 - 40
    193.169.194.14 - 24
    147.185.132.73 - 6

    Top ASNs:
    AS204428 - 40
    AS214576 - 24
    AS396982 - 24

    Top Accounts:
    Administr - 44
    (empty) - 30
    JveXvwTow - 2

    Top ISPs:
    SS-Net - 40
    Berdiev Ruslan Mukhabatovich - 24
    Google LLC - 24

    Top Clients:
    Unknown - 100

    Top Software:
    Unknown - 100

    Top Keyboards:
    Unknown - 100

    Top IP Classification:
    Unknown - 74
    hosting - 26

    Pastebin links with full 24-hr RDP Honeypot IOC Lists:
    Bad API request, invalid api_dev_key

    #CyberSec #SOC #Blueteam #SecOps #Security

  14. 2026-05-25 RDP #Honeypot IOCs - 50 scans
    Thread with top 3 features in each category and links to the full dataset
    #DFIR #InfoSec

    Top IPs:
    80.94.95.221 - 20
    193.169.194.14 - 12
    147.185.132.73 - 3

    Top ASNs:
    AS204428 - 20
    AS214576 - 12
    AS396982 - 12

    Top Accounts:
    Administr - 22
    (empty) - 15
    JveXvwTow - 1

    Top ISPs:
    SS-Net - 20
    Berdiev Ruslan Mukhabatovich - 12
    Google LLC - 12

    Top Clients:
    Unknown - 50

    Top Software:
    Unknown - 50

    Top Keyboards:
    Unknown - 50

    Top IP Classification:
    Unknown - 37
    hosting - 13

    Pastebin links with full 24-hr RDP Honeypot IOC Lists:
    Bad API request, invalid api_dev_key

    #CyberSec #SOC #Blueteam #SecOps #Security

  18. Register for Belkasoft’s free on-demand SQLite training course to build practical DFIR database analysis skills, validate tool extractions, and earn 6 CPE credits. forensicfocus.com/news/advance #Belkasoft #DigitalForensics #DFIR

  19. Want to make #LEAPP artifacts that take advantage of the conversation view functionality? Easy! Watch this short video and learn how: youtu.be/yuNK8aznh6U

    Currently conversation view is only supported on iLEAPP, but it is coming to the rest of the LEAPPs shortly.

    #DFIR #LEAPPs #MobileForensics #DigitalForensics

  20. 2026-05-24 RDP #Honeypot IOCs - 183 scans
    Thread with top 3 features in each category and links to the full dataset
    #DFIR #InfoSec

    Top IPs:
    80.94.95.221 - 45
    193.169.194.14 - 39
    71.6.134.235 - 30

    Top ASNs:
    AS204428 - 45
    AS214576 - 39
    AS396982 - 36

    Top Accounts:
    Administr - 45
    (empty) - 39
    hello - 18

    Top ISPs:
    SS-Net - 45
    Berdiev Ruslan Mukhabatovich - 39
    Google LLC - 36

    Top Clients:
    Unknown - 183

    Top Software:
    Unknown - 183

    Top Keyboards:
    Unknown - 183

    Top IP Classification:
    Unknown - 102
    hosting - 51
    hosting & proxy - 30

    Pastebin links with full 24-hr RDP Honeypot IOC Lists:
    Bad API request, invalid api_dev_key

    #CyberSec #SOC #Blueteam #SecOps #Security

  24. 2026-05-24 RDP #Honeypot IOCs - 122 scans
    Thread with top 3 features in each category and links to the full dataset
    #DFIR #InfoSec

    Top IPs:
    80.94.95.221 - 30
    193.169.194.14 - 26
    71.6.134.235 - 20

    Top ASNs:
    AS204428 - 30
    AS214576 - 26
    AS396982 - 24

    Top Accounts:
    Administr - 30
    (empty) - 26
    hello - 12

    Top ISPs:
    SS-Net - 30
    Berdiev Ruslan Mukhabatovich - 26
    Google LLC - 24

    Top Clients:
    Unknown - 122

    Top Software:
    Unknown - 122

    Top Keyboards:
    Unknown - 122

    Top IP Classification:
    Unknown - 68
    hosting - 34
    hosting & proxy - 20

    Pastebin links with full 24-hr RDP Honeypot IOC Lists:
    Bad API request, invalid api_dev_key

    #CyberSec #SOC #Blueteam #SecOps #Security

  28. 2026-05-24 RDP #Honeypot IOCs - 61 scans
    Thread with top 3 features in each category and links to the full dataset
    #DFIR #InfoSec

    Top IPs:
    80.94.95.221 - 15
    193.169.194.14 - 13
    71.6.134.235 - 10

    Top ASNs:
    AS204428 - 15
    AS214576 - 13
    AS396982 - 12

    Top Accounts:
    Administr - 15
    (empty) - 13
    hello - 6

    Top ISPs:
    SS-Net - 15
    Berdiev Ruslan Mukhabatovich - 13
    Google LLC - 12

    Top Clients:
    Unknown - 61

    Top Software:
    Unknown - 61

    Top Keyboards:
    Unknown - 61

    Top IP Classification:
    Unknown - 34
    hosting - 17
    hosting & proxy - 10

    Pastebin links with full 24-hr RDP Honeypot IOC Lists:
    Bad API request, invalid api_dev_key

    #CyberSec #SOC #Blueteam #SecOps #Security

  32. 2026-05-23 RDP #Honeypot IOCs - 174 scans
    Thread with top 3 features in each category and links to the full dataset
    #DFIR #InfoSec

    Top IPs:
    193.169.194.14 - 48
    162.216.149.150 - 12
    45.142.193.145 - 12

    Top ASNs:
    AS214576 - 48
    AS396982 - 48
    AS63949 - 15

    Top Accounts:
    (empty) - 51
    hello - 27
    Test - 18

    Top ISPs:
    Berdiev Ruslan Mukhabatovich - 48
    Google LLC - 48
    Akamai Technologies, Inc. - 15

    Top Clients:
    Unknown - 174

    Top Software:
    Unknown - 174

    Top Keyboards:
    Unknown - 174

    Top IP Classification:
    Unknown - 99
    hosting - 69
    hosting & proxy - 6

    Pastebin links with full 24-hr RDP Honeypot IOC Lists:
    Bad API request, invalid api_dev_key

    #CyberSec #SOC #Blueteam #SecOps #Security

  36. 2026-05-23 RDP #Honeypot IOCs - 116 scans
    Thread with top 3 features in each category and links to the full dataset
    #DFIR #InfoSec

    Top IPs:
    193.169.194.14 - 32
    162.216.149.150 - 8
    45.142.193.145 - 8

    Top ASNs:
    AS214576 - 32
    AS396982 - 32
    AS63949 - 10

    Top Accounts:
    (empty) - 34
    hello - 18
    Test - 12

    Top ISPs:
    Berdiev Ruslan Mukhabatovich - 32
    Google LLC - 32
    Akamai Technologies, Inc. - 10

    Top Clients:
    Unknown - 116

    Top Software:
    Unknown - 116

    Top Keyboards:
    Unknown - 116

    Top IP Classification:
    Unknown - 66
    hosting - 46
    hosting & proxy - 4

    Pastebin links with full 24-hr RDP Honeypot IOC Lists:
    Bad API request, invalid api_dev_key

    #CyberSec #SOC #Blueteam #SecOps #Security

  40. 2026-05-23 RDP #Honeypot IOCs - 58 scans
    Thread with top 3 features in each category and links to the full dataset
    #DFIR #InfoSec

    Top IPs:
    193.169.194.14 - 16
    162.216.149.150 - 4
    45.142.193.145 - 4

    Top ASNs:
    AS214576 - 16
    AS396982 - 16
    AS63949 - 5

    Top Accounts:
    (empty) - 17
    hello - 9
    Test - 6

    Top ISPs:
    Berdiev Ruslan Mukhabatovich - 16
    Google LLC - 16
    Akamai Technologies, Inc. - 5

    Top Clients:
    Unknown - 58

    Top Software:
    Unknown - 58

    Top Keyboards:
    Unknown - 58

    Top IP Classification:
    Unknown - 33
    hosting - 23
    hosting & proxy - 2

    Pastebin links with full 24-hr RDP Honeypot IOC Lists:
    Bad API request, invalid api_dev_key

    #CyberSec #SOC #Blueteam #SecOps #Security

  44. Looking for early reviewers on chapters 2 + 3 of my BSc thesis (Pterodo network architecture + WinRAR exploit chain).

    Project notes live at github.com/palianytsia-200/U-OB-KY. Draft PDFs available — DM here on Mastodon or email [email protected]. Happy to trade reviews (your DFIR / detection-engineering writeup for mine).

    Especially looking for anyone with hands-on Gamaredon incident-response experience. The thesis is methodology-heavy but I want feedback from people who've actually had to triage this stuff in a real SOC.

    #Pterodo #ThreatIntel #DFIR #UkraineCyber

  45. 2026-05-22 RDP #Honeypot IOCs - 567 scans
    Thread with top 3 features in each category and links to the full dataset
    #DFIR #InfoSec

    Top IPs:
    46.63.101.233 - 420
    193.169.194.14 - 66
    147.185.132.30 - 9

    Top ASNs:
    AS51784 - 420
    AS214576 - 66
    AS396982 - 36

    Top Accounts:
    hello - 435
    (empty) - 75
    Test - 6

    Top ISPs:
    X-city Customers and Private - 420
    Berdiev Ruslan Mukhabatovich - 66
    Google LLC - 36

    Top Clients:
    Unknown - 567

    Top Software:
    Unknown - 567

    Top Keyboards:
    Unknown - 567

    Top IP Classification:
    Unknown - 501
    hosting - 57
    hosting & proxy - 9

    Pastebin links with full 24-hr RDP Honeypot IOC Lists:
    Bad API request, invalid api_dev_key

    #CyberSec #SOC #Blueteam #SecOps #Security

  49. 2026-05-22 RDP #Honeypot IOCs - 378 scans
    Thread with top 3 features in each category and links to the full dataset
    #DFIR #InfoSec

    Top IPs:
    46.63.101.233 - 280
    193.169.194.14 - 44
    147.185.132.30 - 6

    Top ASNs:
    AS51784 - 280
    AS214576 - 44
    AS396982 - 24

    Top Accounts:
    hello - 290
    (empty) - 50
    Test - 4

    Top ISPs:
    X-city Customers and Private - 280
    Berdiev Ruslan Mukhabatovich - 44
    Google LLC - 24

    Top Clients:
    Unknown - 378

    Top Software:
    Unknown - 378

    Top Keyboards:
    Unknown - 378

    Top IP Classification:
    Unknown - 334
    hosting - 38
    hosting & proxy - 6

    Pastebin links with full 24-hr RDP Honeypot IOC Lists:
    Bad API request, invalid api_dev_key

    #CyberSec #SOC #Blueteam #SecOps #Security
