If you haven’t posted to your blog or are generally inactive in the community in more than a year, you’ll likely be removed from this page. If you would like to be re-added, please submit again and I’ll re-add you.
Additionally, check out the AboutDFIR RSS Starter Pack for a pre-packaged, curated list of feeds that you can easily import into Feedly!
| Name | Blog/Website | GitHub | Known For | |
|---|---|---|---|---|
| Adnan bin Mohd Shukor | @xanda | Xanda | ||
| Adrian Colyer | @adriancolyer | The Morning Paper | ||
| Adrian Leong | @cheeky4n6monkey | Cheeky4n6Monkey | cheeky4n6monkey | Mobile Forensicating |
| Alessandro Di Carlo | @samaritan_o | TheDFIRReport and LinkedIn | Forensics & Product Manager at Certego Srl, 3x SANS Institute Lethal Forensicator, and one of the main contributors to TheDFIRReport project | |
| Alexander Giles | @muldwych | TheSecurityNoob.com | DFIR Rapid Response with Sophos | |
| Alexis Brignoni | @alexisbrignoni | Initialization vectors | abrignoni | |
| Alissa Torres | @sibertor | Sibertor | SANS FOR526 Author, SANS FOR500, FOR508, SEC504 Instructor, Founder of Sibertor Forensics | |
| Amanda Berlin | @InfoSystir | Infosystir | CEO Mental Health Hackers, BrakeSec Podcast co-host, Co-Author of Defensive Security Handbook | |
| Amanda Rousseau | @MalwareUnicorn | Offensive Security @ Facebook | ||
| Amber Schroader | @gingerwondermom | Founder and CEO of Paraben Corporation | ||
| Andrew Case | @attrc | Memory Forensics | Volatility | |
| Andrew Hay | @andrewsmhay | Andrew Hay | ||
| Andrew Rathbun | @bunsofwrath12 | AndrewRathbun | Admin of Digital Forensics Discord Server, AboutDFIR Contributor, KAPE/EZ Tools GitHub Contributor | |
| Annah Waggoner | @tootsierollpop8 | Adventures in Cyber Challenges | ||
| Anton Chuvakin | @anton_chuvakin | Anton Chuvakin | ||
| Anuj Soni | @asoni | Anuj Soni | Malware Analysis, Reverse Engineering | |
| April Wright | @AprilWright | Architect Security with April Wright | ||
| Artem Baranov | @artem_i_baranov | A blog about rootkits research and the Windows kernel | ||
| Ashley Hernandez | @AshleyDFIR | Director of Product Development, BlackBag | ||
| Barry Grundy | LinuxLEO | LinuxLEO | ||
| Barry Wels | @barrywels | Barry Wels Blog | ||
| Bart | @bartblaze | Blaze's Security Blog | ||
| Becky Selzer | @BeckySecurity | |||
| Benjamin Delpy | @gentikiwi | gentilkiwi | mimikatz | |
| Binni Shah | @binitamshah | |||
| Bjoern Kerler | @viperbjk | bkerler | Mobile Revelator | |
| Blanche Lagny | @moustik01 | |||
| Bob Zeidman | @bib_zeidman | |||
| Brett Shavers | @Brett_Shavers | Brett's Blog | DFIR.Training | |
| Brian Krebs | @briankrebs | Krebs on Security | Cyber Security, Data Breach | |
| Brian Moran | @BriMorLabs | BriMor Labs Blog | ||
| Brian Pennington | @bfpennington | Brian Pennington Blog | ||
| Bridgette Boody | @bridgette_boody | |||
| Bruce Schneier | @schneierblog | Schneier on Security | ||
| Caitie McCaffrey | @Caitie | |||
| Carlos Cajigas | @Carlos_Cajigas | Mash that Key | ||
| Caroline Stephens | @cxstephens | |||
| Chad Tilbury | @chadtilbury | Forensic Methods | SANS Instructor | |
| Charlotte Hammond | @gh0stp0p | |||
| Cheryl Biswas | @3ncr1pt3d | CyberWatch | ||
| Chris Dale | @ChrisADale | e-Disclosure Information Project | SANS Instructor | |
| Christopher Vance | @cScottVance | D20 Forensics | Forensics Consultant, Magnet Forensics | |
| Cindy Murphy | @CindyMurph | Gillware Blog | Co-Owner, Gillware Digital Forensics | |
| Conrad Longmore | @ConradLongmore | Dynamoo Blog | ||
| Craig Ball | @craigball | Ball in your Court | ||
| Dancho Danchev | @dancho_danchev | Dancho Danchev Blog | ||
| Daniel Miessler | @DanielMiessler | Daniel Miessler | ||
| Danielle Kingsbury | @missdkingsbury | CyberSecPsych | Founder of CyberSecPsych | |
| Dave Waterson | @DavidLWaterson | David L. Waterson | ||
| David Cowen | @HECFBlog | Hacking Exposed | Forensic Lunch | |
| David Hoelzer | @it_audit | Show Me The Packets! | SANS Fellow | |
| David Kennedy | Binary Defense Systems | |||
| David Kennedy | Circumventing Encoded Command Detection PowerShell | Hunt, PowerShell | ||
| David Kovar | Integriography | |||
| David Longenecker | @dnlongen | Malicious PDF Analysis | PDF Analysis | |
| Derek Eiri | @mreerie | mr. eerie | derekeiri | |
| Devon Ackerman | @AboutDFIR | AboutDFIR.com | aei4n6 | AboutDFIR.com |
| Didier Stevens | @DidierStevens | Didier Stevens Blog | Tool Development | |
| Domenica Crognal | @domenicacrognal | SANS FOR585 Co-Author and Instructor | ||
| Dori Clark | @clori_dark | |||
| Doug Burks | @securityonion | Security Onion Blog | ||
| Ed Skoudis | @EdSkoudis | SANS Fellow | ||
| Elan Wright | @DFIRDiva | DFIRDiva | ||
| Elizabeth Schweinsberg | @BethLogic | |||
| Emily Crose | @hexadecim8 | HexaDecim8 | EmilyMaxima | |
| Eric Cole | @drericcole | Dr. Eric Cole Blog | SANS Fellow | |
| Eric Conrad | @eric_conrad | Eric Conrad | SANS Fellow | |
| Eric Huber | @ericjhuber | A Fistful of Dongles Blog | ||
| Eric Ooi | @ericooi | ericooi.com | ||
| Eric Zimmerman | @EricRZimmerman | Binary Foray | EricZimmerman | |
| Erika Noerenberg | @gutterchurl | don't blink | ||
| Fabian Mendoza | @DFIRDominican | DFIRDominican | Senior Consultant @ Palo Alto Networks Unit 42 | |
| fl0x2208 | That Security Blog | |||
| Gary Hunter | @pr3cur50r | SALT4N6 | ||
| GI Jane | @i_am_the_gia | |||
| Hal Pomeranz | @hal_pomeranz | Deer Run Associates | SANS Fellow | |
| halvarflake | @halvarflake | ADD / XOR / ROL | Malware analysis | |
| Harlan Carvey | @keydet89 | Windows Incident Response | keydet89 | RegRipper, various DFIR books |
| Heather Mahalik | @HeatherMahalik | Smarter Forensics | hmahalik | SANS FOR585 Co-Author and Instructor, SANS FOR500 Instructor, Director of Digital Intelligence, Cellebrite |
| Ian Whiffin | @BlakDouble | DoubleBlak | ||
| Ismael Valenzuela | @aboutsecurity | Ismael Valenzuela | SANS Instructor | |
| Ivan | @Ivan | Malware Analysis, Reverse Engineering | ||
| Jacob Baines | @junior_baines | Hunting For Web Shells | jacob-baines | Hunt, Web Shells |
| Jad Saliba | @JadAtMagnet | Founder, Magnet Forensics | ||
| Jake Liefer | Detecting In-Memory MimiKatz | Hunt, MimiKatz | ||
| James Lyne | @jameslyne | James Lyne | ||
| Jamie Levy | @gleeda | JL's Stuff | Volatility Core Developer, Co-Author of The Art of Memory Forensics | |
| Jamie Tomasello | @JamieTomasello | |||
| Jason Fossen | @JasonFossen | SANS Fellow | ||
| Jason Hale | @jasonshale | Digital Forensics Stream | USB Detective | |
| Jeff McJunkin | @jeffmcjunkin | |||
| Jek Hyde | @HydeNS33k | |||
| Jelena Milosevic | @_j3lena_ | |||
| Jen Weedon | @jenrweedon | |||
| Jennifer Granick | @Granick | Jennifer Granick | Legal Analysis | |
| Jerry Gamblin | @JGamblin | Jerry Gamblin | ||
| Jessica Hyde | @B1N2H3X | Hexorida | Director of Forensics, Magnet Forensics | |
| Jessica Solper | @jessploit | |||
| Joe | Gironsec Security System Analysis | |||
| Joey Pistone | @daguy666 | daguy666 | Mac IR Toolkit | |
| Johannes Ullrich | @johullrich | SANS Fellow | ||
| John Gruber | @daringfireball | Daring Fireball | ||
| Jon Munsey | @forensicsonline | CFRO - Independent Reviews of Forensic Hardware and Software | CFRO Website | |
| Josh Hickman | @josh_hickman1 | The Binary Hick: Thoughts From a Digital Forensic Practitioner | Creating Android 7, 8, and 9 Test Images | |
| Josh Wright | @joswr1ght | |||
| Joshua I. James | @DFIRScience | Digital Forensic Science | jijames | |
| Kaitlyn Bestenheider | @CryptoKait | Crypto Kait | ||
| Katie Burnell | @thefrozenpea | |||
| Katie Knowles | @_sigil | K. Knowles | ||
| Katie Moussouris | @k8em0 | Founder/CEO, Luta Security | ||
| Katie Nickels | @likethecoins | Katie's Five Cents | SANS FOR578 Instructor | |
| Kelly Lum | @aloria | |||
| Keren Elazari | @k3r3n3 | Keren Elazari | ||
| Kevin Flores | @Kevin_F324 | Kevin's Cyber Journal | CS graduate and DFIR enthusiast | |
| Kirby Plessas | @kirbstr | |||
| Lance Mueller | @lancemueller | ForensicKB | ||
| Lenny Zeltser | @lennyzeltser | Lenny Zeltser on Information Security | ||
| Lesley Carhart | @hacks4pancakes | TISIPHONE.NET | GIAC Testing Blog Post that has been widely shared | |
| Limor Elbaz | @LimorElbaz | Founder/CEO, Peerlyst | ||
| Limor Fried | @adafruit | Adafruit Industries | Founder, Adafruit | |
| Lodrina Cherne | @hexplates | SANS FOR500 Instructor | ||
| Marco Neumann | @kal_inko | Be-binary 4n6 | ||
| Mari Degrazia | @maridegrazia | Another Forensics Blog | mdegrazia | SANS FOR500 Instructor |
| Mariah Sexton | @BorealisNinja | BorealisNinja | ||
| Marjorie Ferrone | @MarjorieFerrone | Drone Parks Worldwide | ||
| Mark McKinnon | Computer Forensics/E-Discovery Tips/Tricks and Information | |||
| Markus Klein | @Virtual_MKL | AcidX | VMWare | |
| Mary Ellen | @icanhaspii | Mennonite in Manhattan | ||
| Matt Edmondson | @matt0177 | Digital Forensics Tips | SANS Instructor | |
| Matthew Green | @matthew_d_green | Cryptographic Engineering | ||
| Matthew Seyer | @forensic_matt | forensicmatt | Forensic Lunch, DFIR Tool Development in Rust | |
| Max Kersten | @LibraAnalysis | Max Kersten | Malware Analysis | |
| Meagan Dunham Keim | @Meagan_Dunham | |||
| Michael Bazzell | @IntelTechniques | IntelTechniques | OSINT Jedi Master | |
| Michael Gough | @MichaelGoughTX | Hacker Hurricane | Hunt, Malware Analysis, Threat Intel | |
| Michael Horowitz | Flash CheatSheet | Flash, CheatSheet | ||
| Michael Moore | LawDawg4n6 | |||
| Michael Murr | Forensic Computing | |||
| Mike Williamson | @forensicmike1 | forensic mike | Forensics Consultant, Magnet Forensics | |
| Mila Parkour | ContagioDump | Malware | ||
| Nader Shalabi | @nader_shalabi | t | nshalabi | Tool |
| Nick Caldwell | @nickcald | Worst Career Advice I Ever Received | ||
| Nicole Becher | @thedeadrobots | |||
| Nicole Beckwith | @NicoleBeckwith | |||
| Nir Sofer | NirSoft - Freeware utilities | Many freeware forensic tools | ||
| Parisa Tabriz | @laparisa | As I rap. | ||
| Patricia Watson | @PMWatson | |||
| Paul Lorentz | @PaulScurvy | Cellebrite | ||
| Petter Christian Bjelland | @pcbje | pcbje | AD1 Image Parser | |
| Philippe Teuwen | @doegox | Corkami | Reverse Engineering | |
| Phill Moore | @phillmoore | ThinkDFIR | ||
| Phill Moore | @phillmoore | This Week in 4n6 | This Week in 4n6 | |
| Rachel Tobac | @RachelTobac | CEO, Social Proof Security | ||
| Rafal Los | @Wh1t3Rabbit | Down the Security Rabbithole Podcast (DtSR) | ||
| Raphael Mudge | @armitagehacker | Strategic Cyber LLC | Cobalt Strike | |
| Rebekah Brown | @PDXbek | |||
| Richard Bejtlich | @taosecurity | TaoSecurity | Founder, TaoSecurity | |
| Rob Fitzgerald | @ravici | |||
| Rob Lee | @robtlee | SANS Fellow | ||
| Robert Graham | @ErrataRob | Errata Security | ||
| Robert M. Lee | @RobertMLee | RobertMLee | SANS Instructor | |
| Ron Serber | @RonSerber | Global Co-CEO, Cellebrite | ||
| Russ Taylor | @Russ_Taylor_ | Hats off Security | ||
| Russell Cameron Thomas | @ExplPossibility | Exploring Possibility Space | ||
| Ryan Benson | @_RyanBenson | dfir.blog | ||
| Ryan Chapman | @rj_chap | incidentresponse.training | rj_chap | SANS Instructor |
| Samantha McIlveen | @SamMcIlveen | |||
| Sandro Gauci | @sandrogauci | SIPVicious Blog | sipvicious | |
| Sarah Edwards | @iamevltwin | Mac4n6 | mac4n6 | SANS FOR518 Author and Instructor |
| Sarah Konunchuk (Surzyn) | @SarahSurz13 | |||
| Saskia Kuschke | @s_kuschke | |||
| Scar de Courcier | @scardecourcier | Senior Editor, Forensic Focus | ||
| Scott Lorenz | Mobile Device Forensics and Analysis | EDL Research | ||
| Seth Misenar | @sethmisenar | Context Security | SANS Fellow | |
| Shahar Tal | @jifa | VP Research, Cellebrite | ||
| Shelly Giesbrecht | @Nerdiosity | Nerdiosity | Stylish Bow Ties | |
| Sherri Davidoff | @SherriDavidoff | CEO, LMG Security | ||
| Stephen Northcutt | @StephenNorthcut | SANS Fellow | ||
| Stephen Sims | @Steph3nSims | |||
| Sue | @Sirius_Malware | |||
| Susan Brenner | Cyb3rCrim3 | Law Professor | ||
| Susan Peediyakka | @v33na | |||
| Tammy Reuter | @tammyreuter | |||
| Tania Allard | @ixek | Tania's blog site | ||
| Tanya Baccam | @tbaccam | SANS MGT414 Instructor | ||
| Tanya Janca | @shehackspurple | Tanya Janca | shehackspurple | |
| Tarah Wheeler | @tarah | |||
| Teri Radichel | @TeriRadichel | CEO, 2nd Sight Lab | ||
| Tim Medin | @TimMedin | SANS Instructor | ||
| Tom Slovenski | @TomSlovenski | Cellular Forensics LLC | Cell Phone Forensics | |
| Tony Knutson | @bigt252002 | SANS SME, AboutDFIR Contributor | ||
| Tracy Maleeff | @InfoSecSherpa | InfoSecSherpa | ||
| Veronica Schmitt | @Po1Zon_P1x13 | |||
| Wendi Whitmore | @WendiWhitmore | |||
| Wendy Edwards | @wayward710 | |||
| Wendy Knox Everette | @wendyck | Wendy Knox Everette | wendyck | |
| Wendy Nather | @wendynather | Idoneous Security | Head of Advisory CISOs, Cisco | |
| Whitney Champion | @shortxstack | whitney ellis champion | shortstack | |
| Whitney Merrill | @wbm312 | Whitney B. Merrill | Privacy/InfoSec Lawyer | |
| Xena Olsen | @Ch33r10 | CH33R10 | ||
| Yogesh Khatri | @swiftforensics | Swift Forensics | ydlhatri | Mac Forensics Tools |