I took some time this weekend to catch-up a bit with AboutDFIR and add some of the content I’ve been too busy to share. I’ve got tons more, so that will be coming as time allows. I know Devon has stated it, but I’ll reiterate, the links that we add often have context and so I’ve decided to take a few minutes to add some backstory around the new additions I’ve made this weekend.
First, under “Certifications and Trainings”, I’ve added the free class The Cuckoo’s Egg Decompiled that Chris Sanders gives (yes free, and yep, “the” Chris Sanders!). Not sure how that wasn’t already on here, but hey, now it is, so don’t miss that one! Next, under CTF’s (one of my favorite categories), I’ve added two really cool links from a wonderful gentleman, Mr. John York, whom I met last month while playing the phenomenal “Holiday Hack” that Ed Skoudis and the CounterHack team puts together every year. John has not only won the annual “Holiday Hack” in the past, he’s placed in other years as well. He teaches at the Shenandoah Valley Governor’s School, and has put a unique spin on “Holiday Hack”, using it to teach his students about cyber security: KringleCon Lessonized and Holiday Hack 2017 Lessonized.
Then, also through playing “Holiday Hack”, I met Mr. Jim Kirn who told me he really likes a tool called OSquery, so I added that under “Intelligence Portals”. And, one more friend I met through “Holiday Hack” (you really need to play that CTF because you make so many wonderful friends) is Mr. Mike Felch. I actually met Mr. Felch through playing “Holiday Hack” last year, but we reconnected again this year and I realized he is part of the CoinSec PodCast, so check that out.
For all the OSCP fans out there, I came across a real gem that’s really gonna help you “Try harder”, and he’s from my hometown! I can’t wait to buy him a soda next time I’m in Lancaster, PA! Shout-out to Mr. Michael LaSalvia and his Youtube Channel: Path to OSCP – he’s got other really great videos on there as well. He’s totally passionate and such a great teacher!
Then, there’s the Google Phishing Quiz that was all over Twitter this past week, so I stuck that under the “Malware Analysis” section. I also learned about yet another ISAC, the Health-ISAC, so I added that one along-side all the others we have listed.
Lastly, I had the great privilege of sitting down to lunch with Evan Gaustad who used to work for Target and has now branched out on his own. Evan is no stranger to the stages of large conferences and it’s not every day that I get to chew the fat with someone of his ilk, so that was a really great treat. Evan told me how much he really likes using LogicHub and so I added that tool under “Intelligence Portals”.