Jim Clausing's Avatar

Jim Clausing

@jclausing.bsky.social

pilot, cyclist, Unix/Linux, DFIR

256 Followers  |  217 Following  |  15 Posts  |  Joined: 12.06.2023  |  1.7206

Latest posts by jclausing.bsky.social on Bluesky

Post image

This came today #donorforlife

20.10.2025 20:32 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

2 more days to get the early-bird discount for one of my all-time favorite conferences, #SANS #DFIRCON in Miami in Nov. There are a bunch of hands-on workshops on Sun, 16 Nov, lots of evening events during the week #FOR577 my last in 2025. Reg here: www.sans.org/cyber-securi...

29.09.2025 18:25 β€” πŸ‘ 1    πŸ” 2    πŸ’¬ 0    πŸ“Œ 1
Post image

Linux touches every part of our networks. Our routers, switches, and firewalls likely run some flavor of Linux or Unix. Join me in London in July for the newly updated #SANS #FOR577 where we'll learn how to investigate attacks on Linux systems. www.sans.org/cyber-securi...

29.04.2025 12:20 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
ISC Logo

ISC Logo

Tool update: sigs.py - added check mode https://isc.sans.edu/diary/31706

21.02.2025 00:06 β€” πŸ‘ 4    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
image of sans internet stormcenter logo with stormcast flair

image of sans internet stormcenter logo with stormcast flair

SANS Stormcast Monday Feb 24th: sigs.py update; Google Introdusing Quantum Safe Sigs; MSFT Update Win 11 issues; LTE/5G Vulns;
https://isc.sans.edu/podcastdetail/9336

24.02.2025 02:00 β€” πŸ‘ 2    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
ISC Logo

ISC Logo

Unfurl v2025.02 released https://isc.sans.edu/diary/31716

24.02.2025 20:35 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Post image

Join me in one of my favorite places for the updated FOR577. Now, with more BTRFS, more rootkits, and more Linux attacks. #FOR577 #SANSSecWest

14.02.2025 16:58 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
ISC Logo

ISC Logo

New tool: immutable.py https://isc.sans.edu/diary/31598

18.01.2025 04:56 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
New tool: immutable.py - SANS Internet Storm Center New tool: immutable.py, Author: Jim Clausing

I just posted a Handler's Diary, I've released a python script to find Linux files with the immutable bit set. #FOR577 @sansisc.bsky.social #SANSDFIR isc.sans.edu/diary/New+to...

18.01.2025 05:40 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Is that even a question? Of course, he does

04.01.2025 15:15 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image

And Google.
#DigitalForensics #MobileForensics #DFIR #Code

30.11.2024 13:00 β€” πŸ‘ 8    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

if you have a @github.com profile, can i ask you to update it with your @bsky.app handle? πŸ™

πŸ‘‰ it enables some very cool integrations, like auto curated feeds and starter packs for contributors and tech

23.11.2024 13:53 β€” πŸ‘ 1005    πŸ” 208    πŸ’¬ 84    πŸ“Œ 18

Congrats to Tyler and Zachary for an outstanding job in the day 6 challenge

23.11.2024 23:52 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Since I'm trying out #Bluesky, I figured I should add in support for it in Unfurl!

The v2024.11.20 release has some minor updates, but the biggest feature is the ability to parse a timestamp from Bluesky post IDs (or atproto TIDs).

Example: dfir.blog/unfurl/?url=...

Give it a try at unfurl.link!

21.11.2024 04:19 β€” πŸ‘ 26    πŸ” 12    πŸ’¬ 0    πŸ“Œ 2

Awesome research ! - The Nearest Neighbor Attack: How A Russian #APT Weaponized Nearby Wi-Fi Networks for Covert Access - @volexity.com - www.volexity.com/blog/2024/11... #cyberespionage

23.11.2024 08:32 β€” πŸ‘ 13    πŸ” 5    πŸ’¬ 2    πŸ“Œ 0
Post image

Time to find the newest Lethal Forensicators #SANS #FOR610

23.11.2024 13:59 β€” πŸ‘ 4    πŸ” 0    πŸ’¬ 2    πŸ“Œ 0

Daughter tells me she heard today that if you wear a band T-shirt (especially as a young woman) and a man says to you β€œname five of their songs”, the correct response is β€œname five women who trust you”, so I pass this on in case any of you need it

20.02.2024 19:01 β€” πŸ‘ 6526    πŸ” 2429    πŸ’¬ 76    πŸ“Œ 103

So, I was considering the cost of #12DaysOfChrostmas gifts from #truelove and was wondering do I need to include 12 pear trees or can she just use the 2 we already have?

25.12.2023 15:57 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
SANS Phoenix 2023 | Cyber Security Training SANS Phoenix 2023 (Dec 4-9) offers hands-on cybersecurity training taught by top industry practitioners. Attend Live Online or in Tempe, TX.

Join me for one of the last opportunities to take #SANS #FOR610 this year in virtual Phoenix/Tempe. #malware #malwareanalysis www.sans.org/cyber-securi...

29.10.2023 01:34 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Another great class and 2 more brand new lethal forensicators! Congratulations Takuya and Ryo! #SANS #FOR610 #malware

21.10.2023 07:22 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
New tool: le-hex-to-ip.py - SANS Internet Storm Center New tool: le-hex-to-ip.py, Author: Jim Clausing

I dropped a quick little tool today after some discussion on class today of the /proc filesystem and network connections #dfir #for577 isc.sans.edu/diary/New%20...

05.10.2023 21:19 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Interested in learning #malware analysis Down Under? Join me as we bring SANS #FOR610 back to Syney in September

27.07.2023 17:50 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

And here they are, congrats cow, Howard, and TerryTubby

15.07.2023 10:07 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Time to crown some new REM Masters in Singapore. Who will they be?

15.07.2023 00:48 β€” πŸ‘ 6    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

@jclausing is following 20 prominent accounts