AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Forensicators of #DFIR

If you haven’t posted to your blog or are generally inactive in the community in more than a year, you’ll likely be removed from this page.  If you would like to be re-added, please submit again and I’ll re-add you.

Additionally, check out the AboutDFIR RSS Starter Pack for a pre-packaged, curated list of feeds that you can easily import into Feedly!

NameTwitterBlog/WebsiteGitHubKnown For
Adnan bin Mohd Shukor@xandaXanda
Adrian Colyer@adriancolyerThe Morning Paper
Adrian Leong@cheeky4n6monkeyCheeky4n6Monkeycheeky4n6monkeyMobile Forensicating
Alexis Brignoni@alexisbrignoniInitialization vectorsabrignoni
Alissa Torres@sibertorSibertorSANS FOR526 Author, SANS FOR500, FOR508, SEC504 Instructor, Founder of Sibertor Forensics
Amanda Berlin@InfoSystirInfosystirCEO Mental Health Hackers, BrakeSec Podcast co-host, Co-Author of Defensive Security Handbook
Amanda Rousseau@MalwareUnicornOffensive Security @ Facebook
Amber Schroader@gingerwondermomFounder and CEO of Paraben Corporation
Andrew Case@attrcMemory ForensicsVolatility
Andrew Hay@andrewsmhayAndrew Hay
Andrew Rathbun@bunsofwrath12rathbunaAdmin of Digital Forensics Discord Server, AboutDFIR Contributor, KAPE/EZ Tools GitHub Contributor
Annah Waggoner@tootsierollpop8Adventures in Cyber Challenges
Antoinette Stevens@Antoinette0x53AntoinetteStevens
Anton Chuvakin@anton_chuvakinAnton Chuvakin
Anuj Soni@asoniAnuj SoniMalware Analysis, Reverse Engineering
April Wright@AprilWrightArchitect Security with April Wright
Artem Baranov@artem_i_baranovA blog about rootkits research and the Windows kernel
Ashley Hernandez@AshleyDFIRDirector of Product Development, BlackBag
Barry GrundyLinuxLEOLinuxLEO
Barry Wels@barrywelsBarry Wels Blog
Bart@bartblazeBlaze's Security Blog
Becky Selzer@BeckySecurity
Benjamin Delpy@gentikiwigentilkiwimimikatz
Binni Shah@binitamshah
Bjoern Kerler@viperbjkbkerlerMobile Revelator
Blanche Lagny@moustik01
Bob Zeidman@bib_zeidman
Brett Shavers@Brett_ShaversBrett's BlogDFIR.Training
Brian Krebs@briankrebsKrebs on SecurityCyber Security, Data Breach
Brian Moran@BriMorLabsBriMor Labs Blog
Brian Pennington@bfpenningtonBrian Pennington Blog
Bridgette Boody@bridgette_boody
Brooke Gottlieb@xbrookego
Bruce Schneier@schneierblogSchneier on Security
Caitie McCaffrey@CaitieCaitieM
Carlos Cajigas@Carlos_CajigasMash that Key
Caroline Stephens@cxstephens
Chad Tilbury@chadtilburyForensic MethodsSANS Instructor
Charlotte Hammond@gh0stp0p
Cheryl Biswas@3ncr1pt3dCyberWatch
Chris Dale@ChrisADalee-Disclosure Information ProjectSANS Instructor
Christa Miller@christammillerContent Manager, Forensic Focus
Christopher Vance@cScottVanceD20 ForensicsForensics Consultant, Magnet Forensics
Cindy Murphy@CindyMurphGillware BlogCo-Owner, Gillware Digital Forensics
Conrad Longmore@ConradLongmoreDynamoo Blog
Craig Ball@craigballBall in your Court
Dancho Danchev@dancho_danchevDancho Danchev Blog
Daniel Miessler@DanielMiesslerDaniel Miessler
Danielle Kingsbury@missdkingsburyCyberSecPsychFounder of CyberSecPsych
Dave Waterson@DavidLWatersonDavid L. Waterson
David Cowen@HECFBlogHacking ExposedForensic Lunch
David Hoelzer@it_auditShow Me The Packets!SANS Fellow
David KennedyBinary Defense Systems
David KennedyCircumventing Encoded Command Detection PowerShellHunt, PowerShell
David KovarIntegriography
David Longenecker@dnlongenMalicious PDF AnalysisPDF Analysis
Derek NewtonDerek Newton
Devon Ackerman@AboutDFIRAboutDFIR.comaei4n6AboutDFIR.com
Didier Stevens@DidierStevensDidier Stevens BlogTool development
Domenica Crognal@domenicacrognalSANS FOR585 Co-Author and Instructor
Dori Clark@clori_dark
Doug Burks@securityonionSecurity Onion Blog
Ed Skoudis@EdSkoudisSANS Fellow
Elan Wright@DFIRDivaDFIRDiva
Elizabeth Schweinsberg@BethLogic
Emily Crose@hexadecim8HexaDecim8EmilyMaxima
Eric Cole@drericcoleDr. Eric Cole BlogSANS Fellow
Eric Conrad@eric_conradEric ConradSANS Fellow
Eric Huber@ericjhuberA Fistful of Dongles Blog
Eric Ooi@ericooiericooi.com
Eric Zimmerman@EricRZimmermanBinary ForayEricZimmerman
Erika Noerenberg@gutterchurldon't blink
fl0x2208That Security Blog
Gary Hunter@pr3cur50rSALT4N6
GI Jane@i_am_the_gia
Hal Pomeranz@hal_pomeranzDeer Run AssociatesSANS Fellow
halvarflake@halvarflakeADD / XOR / ROLMalware analysis
Harlan Carvey@keydet89Windows Incident Responsekeydet89RegRipper, various DFIR books
Heather Mahalik@HeatherMahalikSmarter ForensicshmahalikSANS FOR585 Co-Author and Instructor, SANS FOR500 Instructor, Director of Digital Intelligence, Cellebrite
Heidi Winter@winter_heidi
Ian Whiffin@BlakDoubleDoubleBlak
Ismael Valenzuela@aboutsecurityIsmael ValenzuelaSANS Instructor
Ivan@IvanMalware Analysis, Reverse Engineering
Jacob Baines@junior_bainesHunting For Web Shellsjacob-bainesHunt, Web Shells
Jad Saliba@JadAtMagnetFounder, Magnet Forensics
Jake LieferDetecting In-Memory MimiKatzHunt, MimiKatz
James Lyne@jameslyneJames Lyne
Jamie Levy@gleedaJL's StuffVolatility Core Developer, Co-Author of The Art of Memory Forensics
Jamie Tomasello@JamieTomasello
Jason Fossen@JasonFossenSANS Fellow
Jason Hale@jasonshaleDigital Forensics StreamUSB Detective
Jeff McJunkin@jeffmcjunkin
Jek Hyde@HydeNS33k
Jelena Milosevic@_j3lena_
Jen Weedon@jenrweedon
Jennifer Granick @GranickJennifer GranickLegal Analysis
Jennifer Shekerchi@J_Shekerchi
Jerry Gamblin@JGamblinJerry Gamblin
Jesse Kornblum@jessekornblumJesse Kornblum
Jessica Hyde@B1N2H3XDirector of Forensics, Magnet Forensics
Jessica Solper@jessploit
JoeGironsec Security System Analysis
Joey Pistone@daguy666daguy666Mac IR Toolkit
Johannes Ullrich@johullrichSANS Fellow
John Gruber@daringfireballDaring Fireball
Jon Munsey@forensicsonlineCFRO - Independent Reviews of Forensic Hardware and SoftwareCFRO Website
Josh Hickman@josh_hickman1The Binary Hick: Thoughts From a Digital Forensic PractitionerCreating Android 7, 8, and 9 Test Images
Josh Sutfin@scsinusy
Josh Wright@joswr1ght
Joshua I. James@DFIRScienceDigital Forensic Sciencejijames
Kaitlyn Bestenheider@CryptoKaitCrypto Kait
Karolyn Bachelor@kibachelor
Katie Burnell@thefrozenpea
Katie Knowles@_sigilK. Knowles
Katie Moussouris@k8em0Founder/CEO, Luta Security
Katie Nickels@likethecoinsKatie's Five CentsSANS FOR578 Instructor
Kelly Lum@aloria
Keren Elazari@k3r3n3Keren Elazari
Kirby Plessas@kirbstr
Kris MerrittWhat on Earth is hunting anyway?Hunt
Lance Mueller@lancemuellerForensicKB
Lenny Zeltser@lennyzeltserLenny Zeltser on Information Security
Lenny Zeltser@lennyzeltser
Lesley Carhart @hacks4pancakesTISIPHONE.NETGIAC Testing Blog Post that has been widely shared
Limor Elbaz@LimorElbazFounder/CEO, Peerlyst
Limor Fried@adafruitAdafruit IndustriesFounder, Adafruit
Lodrina Cherne@hexplatesSANS FOR500 Instructor
Marco Neumann@kal_inkoBe-binary 4n6
Mari Degrazia@maridegraziaAnother Forensics BlogmdegraziaSANS FOR500 Instructor
Mariah Sexton@BorealisNinjaBorealisNinja
Marjorie Ferrone@MarjorieFerrone
Mark McKinnonComputer Forensics/E-Discovery Tips/Tricks and Information
Markus Klein@Virtual_MKLAcidXVMWare
Mary Ellen@icanhaspiiMennonite in Manhattan
Matt Edmondson@matt0177Digital Forensics TipsSANS Instructor
Matthew Green@matthew_d_greenCryptographic Engineering
Max Kersten@LibraAnalysisMax KerstenMalware analysis
Meagan Dunham Keim@Meagan_Dunham
Michael Bazzell@IntelTechniquesIntelTechniquesOSINT Jedi Master
Michael Gough@MichaelGoughTXHacker HurricaneHunt, Malware Analysis, Threat Intel
Michael HorowitzFlash CheatSheetFlash, CheatSheet
Michael MooreLawDawg4n6
Michael MurrForensic Computing
Michelle Mullinix@MullinixD
Mike Williamson@forensicmike1forensic mikeForensics Consultant, Magnet Forensics
Mila ParkourContagioDumpMalware
Nader Shalabi@nader_shalabiNo Secure CodenshalabiTool
Nick Caldwell@nickcald Worst Career Advice I Ever Received
Nicole Becher@thedeadrobots
Nicole Beckwith@NicoleBeckwith
Nicole Ibrahim@nicoleibrahimHEX-OR Forensics
Nir SoferNirSoft - Freeware utilitiesMany freeware forensic tools
Pamela Armstrong@pjarmstrongazTitanium11.com
Parisa Tabriz @laparisaAs I rap.
Patricia Watson@PMWatson
Patrict Stiewart@ProDigital4n6ProDigital4n6
Paul Lorentz@PaulScurvyCellebrite
Petter Christian Bjelland@pcbjepcbjeAD1 Image Parser
Philippe Teuwen@doegoxCorkamiReverse Engineering
Phill Moore@phillmoore ThinkDFIR
Phill Moore@phillmooreThis Week in 4n6This Week in 4n6
Rachel Tobac@RachelTobacCEO, Social Proof Security
Rafal Los@Wh1t3RabbitFollowing the Wh1t3 Rabbit-A Security
Raphael Mudge@armitagehackerStrategic Cyber LLCCobalt Strike
Rebekah Brown@PDXbek
Richard Bejtlich@taosecurityTaoSecurityFounder, TaoSecurity
Rob Fitzgerald@ravici
Rob Lee@robtleeSANS Fellow
Robert Graham@ErrataRobErrata Security
Robert M. Lee@RobertMLeeRobertMLeeSANS Instructor
Ron Serber@RonSerberGlobal Co-CEO, Cellebrite
Russ Taylor@Russ_Taylor_Hats off Security
Russell Cameron Thomas@ExplPossibilityExploring Possibility Space
Ryan Benson@_RyanBensondfir.blog
Ryan Chapman@rj_chapincidentresponse.trainingrj_chapSANS Instructor
Samantha McIlveen@SamMcIlveen
Sandro Gauci@sandrogauciSIPVicious Blogsipvicious
Sarah Edwards@iamevltwinMac4n6mac4n6SANS FOR518 Author and Instructor
Sarah Konunchuk (Surzyn)@SarahSurz13
Saskia Kuschke@s_kuschke
Scar de Courcier@scardecourcierScarSenior Editor, Forensic Focus
Scott LorenzMobile Device Forensics and AnalysisEDL Research
Seth Misenar@sethmisenarContext SecuritySANS Fellow
Shahar Tal@jifaVP Research, Cellebrite
Shelly Giesbrecht@NerdiosityNerdiosityStylish Bow Ties
Sherri Davidoff@SherriDavidoffCEO, LMG Security
Stacey Randolph@4n6woman
Stephen Northcutt@StephenNorthcutSANS Fellow
Stephen Sims@Steph3nSims
Sue @Sirius_Malware
Susan BrennerCyb3rCrim3Law Professor
Susan Peediyakka@v33na
Tammy Reuter@tammyreuter
Tania Allard@ixekTania's blog site
Tanya Baccam@tbaccamSANS MGT414 Instructor
Tanya Janca@shehackspurpleTanya Jancashehackspurple
Tara @blackroomsecBlack.Room Security
Tarah Melton@melton_tarahForensic Consultant, Magnet Forensics
Tarah Wheeler@tarah
Teri Radichel@TeriRadichelCEO, 2nd Sight Lab
Tim Medin@TimMedinSANS Instructor
Tom Slovenski@TomSlovenskiCellular Forensics LLCCell Phone Forensics
Tony Knutson@bigt252002SANS SME, AboutDFIR Contributor
Tracy Maleeff@InfoSecSherpaInfoSecSherpa
Veronica Schmitt@Po1Zon_P1x13
Wendi Whitmore@WendiWhitmore
Wendy Edwards@wayward710
Wendy Knox Everette@wendyckWendy Knox Everettewendyck
Wendy Nather@wendynatherIdoneous SecurityHead of Advisory CISOs, Cisco
Whitney Champion@shortxstackwhitney ellis championshortstack
Whitney Merrill@wbm312Whitney B. MerrillPrivacy/InfoSec Lawyer
Xena Olsen@Ch33r10CH33R10
Yogesh Khatri@swiftforensicsSwift ForensicsydlhatriMac Forensics Tools