@binaryz0ne.bsky.social
DFIR and Adversary Simulation
Soon, Iβll be joining an incredible team, and I truly canβt wait to begin this next chapter of my #DFIR career!
THANK YOU ALL!
After more than a decade in academia, teaching thousands of students and professionals, Iβve decided to return to the world of consulting. Iβm deeply grateful to my family for their unwavering support and to everyone who has helped me grow into the person I am today. #DFIR
14.09.2025 23:42 β π 4 π 0 π¬ 1 π 0Course can be found here: www.suspectbehindthekeyboard.com
14.09.2025 23:41 β π 1 π 0 π¬ 0 π 0
I want to thank @brettshavers.bsky.social for the opportunity taking his "DF/IR Investigative Mindset" course! This is an amazing course for everyone! Whether you're a vetran or just starting your #DFIR career. I can't recommend it enough.
Brett, thank you so much ππ»
these are related to the idea that there is a way to run an executable disguised as a .txt / .pdf / .lol or whatever. I just have not found the time to document it yet.
09.09.2025 05:35 β π 0 π 0 π¬ 0 π 0Yes, prefetch files too :)
07.09.2025 16:00 β π 0 π 0 π¬ 0 π 0
Or these PDF/TXT executables!
07.09.2025 15:59 β π 0 π 0 π¬ 1 π 0
For those who love executables :)
07.09.2025 15:58 β π 0 π 0 π¬ 1 π 0
π Starting August, you'll be able to test your malware analysis skills with our upcoming certification exam!
Huge thanks to "Saad AHLA" for leading the development of this challenge. Get ready, this is truly a fun one!
#malware #DFIR #CyberSecurity #ThreatHunting #BlueTeam #CCMA
Our CCDFA Bootcamp is one of the best deals in DFIR training! The course content, labs, virtual lab access, and live sessions all included.
Only have 2 seats left for the August bootcamp!
academy.cyber5w.com/courses/c5w-...
#DFIR #DigitalForensics #CyberSecurity #BlueTeam #IncidentResponse
This is what I have so far! #DFIR #ThreatSimulation #Cybersecurity #Offsec
27.07.2025 15:47 β π 2 π 0 π¬ 0 π 0I will be sharing all the content, which are basically the labs, files (simple tools/scripts/etc), and few presentations for anyone who would like to use in their classroom. So keep an eye out for this.
#DFIR #Cybersecurity #Infosec #ThreatHunting #ThreatSimulation
If you have the resources, maybe through an Elastic or Splunk server and use that for your investigations/hunting/etc. That will be something for you to decide/do.
27.07.2025 15:47 β π 0 π 0 π¬ 1 π 0I did not want to use a SIEM (Elastic/Splunk/etc) to simulate situations when you don't have such a capability, but you will still need to do hunting/investigations with limited and/or FREE tools. So we installed Sysmon on all systems and had a Velociraptor server with agents.
27.07.2025 15:47 β π 0 π 0 π¬ 1 π 0
Last semester I created a course to help students start learning about Threat Simulation & Hunting. I used GOAD for the testing environement. So shoutout to @M4yFly for creating GOAD. Every lab was themed around the Game of Thrones series; students liked it.
labs.cyber5w.com/courses/218b...
Week 30 - 2025 #DFIR
thisweekin4n6.com/2025/07/27/w...
A few details about the exam:
β
Hands-on, browser-based
β
Covers imaging, file systems & artifacts
β
Perfect for beginners & career switchers
academy.cyber5w.com/courses/c5w-...
#DFIR #C5W #CyberSecurity #DigitalForensics
We created a simple certification exam "C5W Certified Digital Forensics Foundations (CDFF)" for those who took our FREE Intro to Digital Forensics course and want to test their skills #DFIR
academy.cyber5w.com/courses/c5w-...
#DFIR #C5W #CyberSecurity #DigitalForensics
URL to Digital Forensics bootcamp:
academy.cyber5w.com/courses/c5w-...
#DFIR #DigitalForensics #CyberSecurity #C5W
If youβre looking to get into Digital Forensics, this is probably the most affordable & complete training youβll find. The value packed into this bootcamp goes far beyond the price, & right now, thereβs a discount running! #DFIR #DigitalForensics #CyberSecurity
PLEASE SHARE with others! Thank You!
π Master Windows Sandbox for secure app testing!
Learn to install, configure, and safely run suspicious apps in an isolated environment.
π» Hands-on labs included
π° You can take it for FREE or Pay to Support Us!
labs.cyber5w.com/courses/975e...
#CyberSecurity #DFIR #C5W #WindowsSandbox #malware
This is a great opportunity for beginners to put their skills to the test! #DFIR #Cybersecurity #Infosec #DigitalForensics
24.06.2025 16:40 β π 3 π 1 π¬ 0 π 0We're happy to announce that @cyber5w.bsky.social is renewing their sponsorship of #OST2 at the Bronzeπ₯ level in 2025!
Learn more about Cyber5W and their forensics training here: ost2.fyi/Sponsor_Cybe...
It has a remote control and can be used to change the light colors π
They also gave me a card with all of their kind words and signatures on it !!!
Very lucky that I had such students and I will miss them a lot! Thank you for being my students β€οΈ
I was asked last week to help some students in the lab, but got surprised by my Digital Forensics senior students being there for one last time and giving me this gift!
I will miss you all and I am so lucky that I got to work with you for the last 4 years! THANK YOU SO MUCH β€οΈ
This modexp.wordpress.com/2025/04/27/b... is an interesting post by
modexpblog ... highly recommend checking it out.
Join me at the @ Techno Security & Digital Forensics Conference! Iβll be speaking on "Utilizing ETW for Ransomware Threat Detection"
Register today at technosecurity.us/east/registr... and save 10% with code SPK25
#TechnoSecurity #DFIR #Malware #Ransomware
Great thread to read #DFIR
26.04.2025 01:37 β π 1 π 0 π¬ 0 π 0
Arsenal Image Mounter v3.11.307 is now available with minor fixes & other improvements which include improved handling of corrupt Registry hives when launching virtual machines. See the change log for more information. arsenalrecon.com/downloads #DFIR
25.04.2025 17:13 β π 2 π 2 π¬ 0 π 0
Excited to announce that Iβll be delivering a keynote at ICTCSβ25 titled:
"Beyond Tools: DFIR in the Era of Emerging Threats"
Looking forward to connecting with researchers at #ICTCS25! #DFIR #CyberSecurity #DigitalForensics
